SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 427
CVE-ID CVE-2023-0160
CVE-2023-47233
CVE-2023-52434
CVE-2023-52458
CVE-2023-52463
CVE-2023-52472
CVE-2023-52483
CVE-2023-52492
CVE-2023-52503
CVE-2023-52591
CVE-2023-52608
CVE-2023-52616
CVE-2023-52618
CVE-2023-52631
CVE-2023-52635
CVE-2023-52640
CVE-2023-52641
CVE-2023-52645
CVE-2023-52652
CVE-2023-52653
CVE-2023-52654
CVE-2023-52655
CVE-2023-52657
CVE-2023-52658
CVE-2023-52659
CVE-2023-52660
CVE-2023-52661
CVE-2023-52662
CVE-2023-52663
CVE-2023-52664
CVE-2023-52667
CVE-2023-52669
CVE-2023-52670
CVE-2023-52671
CVE-2023-52673
CVE-2023-52674
CVE-2023-52675
CVE-2023-52676
CVE-2023-52678
CVE-2023-52679
CVE-2023-52680
CVE-2023-52681
CVE-2023-52683
CVE-2023-52685
CVE-2023-52686
CVE-2023-52687
CVE-2023-52690
CVE-2023-52691
CVE-2023-52692
CVE-2023-52693
CVE-2023-52694
CVE-2023-52695
CVE-2023-52696
CVE-2023-52697
CVE-2023-52698
CVE-2023-52771
CVE-2023-52772
CVE-2023-52860
CVE-2023-52882
CVE-2023-6238
CVE-2023-6270
CVE-2023-6531
CVE-2023-7042
CVE-2024-0639
CVE-2024-21823
CVE-2024-22099
CVE-2024-23848
CVE-2024-24861
CVE-2024-25739
CVE-2024-26601
CVE-2024-26611
CVE-2024-26614
CVE-2024-26632
CVE-2024-26638
CVE-2024-26642
CVE-2024-26643
CVE-2024-26652
CVE-2024-26654
CVE-2024-26656
CVE-2024-26657
CVE-2024-26671
CVE-2024-26673
CVE-2024-26674
CVE-2024-26675
CVE-2024-26679
CVE-2024-26684
CVE-2024-26685
CVE-2024-26692
CVE-2024-26696
CVE-2024-26697
CVE-2024-26704
CVE-2024-26714
CVE-2024-26726
CVE-2024-26731
CVE-2024-26733
CVE-2024-26736
CVE-2024-26737
CVE-2024-26739
CVE-2024-26740
CVE-2024-26742
CVE-2024-26756
CVE-2024-26757
CVE-2024-26760
CVE-2024-26761
CVE-2024-26764
CVE-2024-26769
CVE-2024-26772
CVE-2024-26773
CVE-2024-26774
CVE-2024-26775
CVE-2024-26779
CVE-2024-26783
CVE-2024-26786
CVE-2024-26791
CVE-2024-26793
CVE-2024-26794
CVE-2024-26802
CVE-2024-26805
CVE-2024-26807
CVE-2024-26815
CVE-2024-26816
CVE-2024-26822
CVE-2024-26828
CVE-2024-26832
CVE-2024-26836
CVE-2024-26844
CVE-2024-26846
CVE-2024-26848
CVE-2024-26853
CVE-2024-26854
CVE-2024-26855
CVE-2024-26856
CVE-2024-26857
CVE-2024-26858
CVE-2024-26860
CVE-2024-26861
CVE-2024-26862
CVE-2024-26866
CVE-2024-26868
CVE-2024-26870
CVE-2024-26878
CVE-2024-26881
CVE-2024-26882
CVE-2024-26883
CVE-2024-26884
CVE-2024-26885
CVE-2024-26898
CVE-2024-26899
CVE-2024-26900
CVE-2024-26901
CVE-2024-26903
CVE-2024-26906
CVE-2024-26909
CVE-2024-26921
CVE-2024-26922
CVE-2024-26923
CVE-2024-26925
CVE-2024-26928
CVE-2024-26932
CVE-2024-26933
CVE-2024-26934
CVE-2024-26935
CVE-2024-26937
CVE-2024-26938
CVE-2024-26940
CVE-2024-26943
CVE-2024-26945
CVE-2024-26946
CVE-2024-26948
CVE-2024-26949
CVE-2024-26950
CVE-2024-26951
CVE-2024-26956
CVE-2024-26957
CVE-2024-26958
CVE-2024-26960
CVE-2024-26961
CVE-2024-26962
CVE-2024-26963
CVE-2024-26964
CVE-2024-26972
CVE-2024-26973
CVE-2024-26978
CVE-2024-26979
CVE-2024-26981
CVE-2024-26982
CVE-2024-26983
CVE-2024-26984
CVE-2024-26986
CVE-2024-26988
CVE-2024-26989
CVE-2024-26990
CVE-2024-26991
CVE-2024-26992
CVE-2024-26993
CVE-2024-26994
CVE-2024-26995
CVE-2024-26996
CVE-2024-26997
CVE-2024-26999
CVE-2024-27000
CVE-2024-27001
CVE-2024-27002
CVE-2024-27003
CVE-2024-27004
CVE-2024-27008
CVE-2024-27013
CVE-2024-27014
CVE-2024-27022
CVE-2024-27027
CVE-2024-27028
CVE-2024-27029
CVE-2024-27030
CVE-2024-27031
CVE-2024-27036
CVE-2024-27046
CVE-2024-27056
CVE-2024-27057
CVE-2024-27062
CVE-2024-27067
CVE-2024-27080
CVE-2024-27388
CVE-2024-27389
CVE-2024-27393
CVE-2024-27395
CVE-2024-27396
CVE-2024-27398
CVE-2024-27399
CVE-2024-27400
CVE-2024-27401
CVE-2024-27405
CVE-2024-27408
CVE-2024-27410
CVE-2024-27411
CVE-2024-27412
CVE-2024-27413
CVE-2024-27416
CVE-2024-27417
CVE-2024-27418
CVE-2024-27431
CVE-2024-27432
CVE-2024-27434
CVE-2024-27435
CVE-2024-27436
CVE-2024-35784
CVE-2024-35786
CVE-2024-35788
CVE-2024-35789
CVE-2024-35790
CVE-2024-35791
CVE-2024-35794
CVE-2024-35795
CVE-2024-35796
CVE-2024-35799
CVE-2024-35800
CVE-2024-35801
CVE-2024-35803
CVE-2024-35804
CVE-2024-35806
CVE-2024-35808
CVE-2024-35809
CVE-2024-35810
CVE-2024-35811
CVE-2024-35812
CVE-2024-35813
CVE-2024-35814
CVE-2024-35815
CVE-2024-35817
CVE-2024-35819
CVE-2024-35821
CVE-2024-35822
CVE-2024-35823
CVE-2024-35824
CVE-2024-35825
CVE-2024-35828
CVE-2024-35829
CVE-2024-35830
CVE-2024-35833
CVE-2024-35834
CVE-2024-35835
CVE-2024-35836
CVE-2024-35837
CVE-2024-35838
CVE-2024-35841
CVE-2024-35842
CVE-2024-35845
CVE-2024-35847
CVE-2024-35849
CVE-2024-35850
CVE-2024-35851
CVE-2024-35852
CVE-2024-35854
CVE-2024-35860
CVE-2024-35861
CVE-2024-35862
CVE-2024-35863
CVE-2024-35864
CVE-2024-35865
CVE-2024-35866
CVE-2024-35867
CVE-2024-35868
CVE-2024-35869
CVE-2024-35870
CVE-2024-35872
CVE-2024-35875
CVE-2024-35877
CVE-2024-35878
CVE-2024-35879
CVE-2024-35883
CVE-2024-35885
CVE-2024-35887
CVE-2024-35889
CVE-2024-35891
CVE-2024-35895
CVE-2024-35901
CVE-2024-35903
CVE-2024-35904
CVE-2024-35905
CVE-2024-35907
CVE-2024-35909
CVE-2024-35911
CVE-2024-35912
CVE-2024-35914
CVE-2024-35915
CVE-2024-35916
CVE-2024-35917
CVE-2024-35921
CVE-2024-35922
CVE-2024-35924
CVE-2024-35927
CVE-2024-35928
CVE-2024-35930
CVE-2024-35931
CVE-2024-35932
CVE-2024-35933
CVE-2024-35935
CVE-2024-35936
CVE-2024-35937
CVE-2024-35938
CVE-2024-35940
CVE-2024-35943
CVE-2024-35944
CVE-2024-35945
CVE-2024-35946
CVE-2024-35947
CVE-2024-35950
CVE-2024-35951
CVE-2024-35952
CVE-2024-35953
CVE-2024-35954
CVE-2024-35955
CVE-2024-35956
CVE-2024-35958
CVE-2024-35959
CVE-2024-35960
CVE-2024-35961
CVE-2024-35963
CVE-2024-35964
CVE-2024-35965
CVE-2024-35966
CVE-2024-35967
CVE-2024-35969
CVE-2024-35971
CVE-2024-35972
CVE-2024-35973
CVE-2024-35974
CVE-2024-35975
CVE-2024-35977
CVE-2024-35978
CVE-2024-35981
CVE-2024-35982
CVE-2024-35984
CVE-2024-35986
CVE-2024-35989
CVE-2024-35990
CVE-2024-35991
CVE-2024-35992
CVE-2024-35995
CVE-2024-35997
CVE-2024-35999
CVE-2024-36002
CVE-2024-36006
CVE-2024-36007
CVE-2024-36009
CVE-2024-36011
CVE-2024-36012
CVE-2024-36013
CVE-2024-36014
CVE-2024-36015
CVE-2024-36016
CVE-2024-36018
CVE-2024-36019
CVE-2024-36020
CVE-2024-36021
CVE-2024-36025
CVE-2024-36026
CVE-2024-36029
CVE-2024-36030
CVE-2024-36032
CVE-2024-36880
CVE-2024-36885
CVE-2024-36890
CVE-2024-36891
CVE-2024-36893
CVE-2024-36894
CVE-2024-36895
CVE-2024-36896
CVE-2024-36897
CVE-2024-36898
CVE-2024-36906
CVE-2024-36918
CVE-2024-36921
CVE-2024-36922
CVE-2024-36928
CVE-2024-36930
CVE-2024-36931
CVE-2024-36936
CVE-2024-36940
CVE-2024-36941
CVE-2024-36942
CVE-2024-36944
CVE-2024-36947
CVE-2024-36949
CVE-2024-36950
CVE-2024-36951
CVE-2024-36955
CVE-2024-36959
CWE-ID CWE-667
CWE-416
CWE-119
CWE-476
CWE-399
CWE-665
CWE-125
CWE-362
CWE-200
CWE-401
CWE-388
CWE-20
CWE-415
CWE-191
CWE-190
CWE-908
CWE-120
CWE-502
CWE-754
CWE-284
CWE-369
CWE-404
CWE-366
CWE-617
CWE-682
CWE-193
CWE-835
CWE-787
CWE-252
Exploitation vector Network
Public exploit N/A
Vulnerable software

Operating systems & Components / Operating system:
Public Cloud Module
openSUSE Leap
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server 15

Operating systems & Components / Operating system package or component:
kernel-source-azure
kernel-devel-azure
kernel-azure-vdso
kernel-azure-vdso-debuginfo
kernel-azure
kernel-azure-optional-debuginfo
kselftests-kmp-azure
kernel-azure-devel
kernel-azure-debugsource
reiserfs-kmp-azure-debuginfo
ocfs2-kmp-azure
kernel-azure-livepatch-devel
cluster-md-kmp-azure
gfs2-kmp-azure-debuginfo
kernel-azure-devel-debuginfo
kernel-syms-azure
cluster-md-kmp-azure-debuginfo
kselftests-kmp-azure-debuginfo
gfs2-kmp-azure
ocfs2-kmp-azure-debuginfo
kernel-azure-optional
dlm-kmp-azure
dlm-kmp-azure-debuginfo
kernel-azure-extra-debuginfo
kernel-azure-debuginfo
kernel-azure-extra
reiserfs-kmp-azure

Vendor SUSE

Security Bulletin

This security bulletin contains information about 427 vulnerabilities.

1) Improper locking

EUVDB-ID: #VU90810

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0160

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU82755

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-47233

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within brcmf_cfg80211_detach in the brcm80211 driver's device unplugging code (disconnecting the USB device by hotplug). An attacker with physical access to the device can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU88283

Risk: Medium

CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52434

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the smb2_parse_contexts() function when parsing SMB packets. A remote user can send specially crafted SMB traffic to the affected system, trigger memory corruption and execute arbitrary code.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU90657

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52458

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the blkpg_do_ioctl() function in block/ioctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU90660

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52463

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efivarfs_get_tree() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU91244

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52472

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rsa_check_exponent_fips() function in crypto/rsa.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU90248

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52483

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mctp_route_lookup() function in net/mctp/route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU90626

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52492

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU90234

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52503

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the destroy_session(), amdtee_open_session() and amdtee_close_session() functions in drivers/tee/amdtee/core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Improper locking

EUVDB-ID: #VU91538

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52591

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Resource management error

EUVDB-ID: #VU92973

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52608

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the shmem_poll_done() function in drivers/firmware/arm_scmi/shmem.c and the rx_callback() function in drivers/firmware/arm_scmi/mailbox.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper Initialization

EUVDB-ID: #VU91556

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52616

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the mpi_ec_init() function in lib/mpi/ec.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

EUVDB-ID: #VU93617

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52618

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the rnbd_srv_get_full_path() function in drivers/block/rnbd/rnbd-srv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU91240

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52631

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within fs/ntfs3/ntfs_fs.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper locking

EUVDB-ID: #VU92045

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52635

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the devfreq_monitor(), devfreq_monitor_start() and devfreq_monitor_stop() functions in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds read

EUVDB-ID: #VU90331

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52640

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ntfs_list_ea() function in fs/ntfs3/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) NULL pointer dereference

EUVDB-ID: #VU90592

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52641

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ni_find_attr() and run_truncate_around() functions in fs/ntfs3/attrib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Race condition

EUVDB-ID: #VU91477

Risk: Low

CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52645

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the scpsys_add_subdomain() and scpsys_remove_one_domain() functions in drivers/soc/mediatek/mtk-pm-domains.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Information disclosure

EUVDB-ID: #VU91353

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52652

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the pci_vntb_probe() function in drivers/pci/endpoint/functions/pci-epf-vntb.c and the EXPORT_SYMBOL() and ntb_register_device() functions in drivers/ntb/core.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Memory leak

EUVDB-ID: #VU90459

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52653

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the gss_import_v2_context() function in net/sunrpc/auth_gss/gss_krb5_mech.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource management error

EUVDB-ID: #VU93257

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52654

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the scm_fp_copy() function in net/core/scm.c and the io_finish_async() and io_sqe_files_register() functions in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU93242

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52655

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the aqc111_rx_fixup() function in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Improper error handling

EUVDB-ID: #VU92943

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52657

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the si_dpm_enable() and si_dpm_process_interrupt() functions in drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Input validation error

EUVDB-ID: #VU93683

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52658

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the esw_inline_mode_to_devlink() and mlx5_devlink_eswitch_mode_set() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Input validation error

EUVDB-ID: #VU93682

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52659

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within arch/x86/include/asm/page.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Improper error handling

EUVDB-ID: #VU92057

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52660

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the rkisp1_isp_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c, within the rkisp1_runtime_suspend() and rkisp1_runtime_resume() functions in drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c, within the rkisp1_csi_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c, and within the rkisp1_capture_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper error handling

EUVDB-ID: #VU90948

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52661

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the tegra_dc_rgb_probe() function in drivers/gpu/drm/tegra/rgb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Memory leak

EUVDB-ID: #VU90444

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52662

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the vmw_gmrid_man_get_node() function in drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Memory leak

EUVDB-ID: #VU89987

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52663

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the amd_sof_acp_probe() function in sound/soc/sof/amd/acp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Double free

EUVDB-ID: #VU90893

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52664

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the aq_vec_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_vec.c, within the aq_get_rxpages(), aq_ring_alloc(), aq_ring_rx_alloc() and aq_ring_hwts_rx_alloc() functions in drivers/net/ethernet/aquantia/atlantic/aq_ring.c, and within the aq_ptp_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Double free

EUVDB-ID: #VU90922

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52667

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds read

EUVDB-ID: #VU91423

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52669

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ctr_paes_crypt() function in arch/s390/crypto/paes_s390.c and within the ctr_aes_crypt() function in arch/s390/crypto/aes_s390.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Memory leak

EUVDB-ID: #VU89988

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52670

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Integer underflow

EUVDB-ID: #VU91668

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52671

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the optc32_disable_crtc() function in drivers/gpu/drm/amd/display/dc/dcn32/dcn32_optc.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) NULL pointer dereference

EUVDB-ID: #VU90552

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52673

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the capabilities_show() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU91392

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52674

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the scarlett2_mixer_ctl_put() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) NULL pointer dereference

EUVDB-ID: #VU90547

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52675

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the update_events_in_group() function in arch/powerpc/perf/imc-pmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Integer overflow

EUVDB-ID: #VU93061

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52676

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer overflow within the check_ptr_to_map_access() and check_stack_access_within_bounds() functions in kernel/bpf/verifier.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper error handling

EUVDB-ID: #VU93452

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52678

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the kfd_create_indirect_link_prop() and kfd_add_peer_prop() functions in drivers/gpu/drm/amd/amdkfd/kfd_topology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Double free

EUVDB-ID: #VU90892

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52679

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the of_unittest_parse_phandle_with_args() and of_unittest_parse_phandle_with_args_map() functions in drivers/of/unittest.c, and within the of_parse_phandle_with_args_map() function in drivers/of/base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Improper error handling

EUVDB-ID: #VU93618

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52680

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the scarlett2_sync_ctl_get(), scarlett2_master_volume_ctl_get(), scarlett2_volume_ctl_get(), scarlett2_mute_ctl_get(), scarlett2_level_enum_ctl_get(), scarlett2_pad_ctl_get(), scarlett2_air_ctl_get(), scarlett2_phantom_ctl_get(), scarlett2_direct_monitor_ctl_get(), scarlett2_speaker_switch_enum_ctl_get(), scarlett2_talkback_enum_ctl_get(), scarlett2_dim_mute_ctl_get() and scarlett2_mux_src_enum_ctl_get() functions in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Improper locking

EUVDB-ID: #VU93768

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52681

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the efivarfs_init_fs_context() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Integer overflow

EUVDB-ID: #VU91424

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52683

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer overflow within the lpit_update_residency() function in drivers/acpi/acpi_lpit.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Buffer overflow

EUVDB-ID: #VU91437

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52685

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the persistent_ram_init_ecc() function in fs/pstore/ram_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU90548

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52686

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Improper error handling

EUVDB-ID: #VU90945

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52687

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the safexcel_send_req() function in drivers/crypto/inside-secure/safexcel_cipher.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory leak

EUVDB-ID: #VU89981

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52690

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the scom_debug_init_one() function in arch/powerpc/platforms/powernv/opal-xscom.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Double free

EUVDB-ID: #VU90921

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52691

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the si_dpm_init() function in drivers/gpu/drm/amd/amdgpu/si_dpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Improper error handling

EUVDB-ID: #VU93619

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52692

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the scarlett2_usb_set_config() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Use of uninitialized resource

EUVDB-ID: #VU91678

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52693

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the acpi_video_dev_register_backlight() function in drivers/acpi/acpi_video.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Resource management error

EUVDB-ID: #VU91606

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52694

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the tpd12s015_probe() function in drivers/gpu/drm/bridge/ti-tpd12s015.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) NULL pointer dereference

EUVDB-ID: #VU90549

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52695

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the create_validate_stream_for_sink() and dm_update_crtc_state() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU90550

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52696

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the opal_powercap_init() function in arch/powerpc/platforms/powernv/opal-powercap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Input validation error

EUVDB-ID: #VU94127

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52697

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sof_sdw_rt_sdca_jack_exit() function in sound/soc/intel/boards/sof_sdw_rt_sdca_jack_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Memory leak

EUVDB-ID: #VU89982

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52698

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the netlbl_calipso_ops_register(), netlbl_calipso_add_pass() and netlbl_calipso_genl_init() functions in net/netlabel/netlabel_calipso.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Use-after-free

EUVDB-ID: #VU90066

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52771

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the grandparent() function in drivers/cxl/core/port.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Use-after-free

EUVDB-ID: #VU90073

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52772

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the unix_stream_recv_urg() function in net/unix/af_unix.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU90458

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52860

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the hns3_pmu_init_pmu() and hns3_pmu_uninit_pmu() functions in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Input validation error

EUVDB-ID: #VU93673

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52882

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Buffer overflow

EUVDB-ID: #VU92724

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6238

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a local privileged user to execute arbitrary code.

The vulnerability exists due to a buffer overflow in the NVM Express (NVMe) driver in the Linux kernel. Only a privileged user can specify a small meta buffer and let the device perform a larger Direct Memory Access (DMA) transfer into the same buffer, overwriting unrelated kernel memory and causing random kernel crashes and memory corruption.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Race condition

EUVDB-ID: #VU85022

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6531

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in which the Unix garbage collector's deletion of an SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) NULL pointer dereference

EUVDB-ID: #VU85422

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-7042

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Improper locking

EUVDB-ID: #VU88894

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0639

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Deserialization of Untrusted Data

EUVDB-ID: #VU89676

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-21823

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure deserialization in hardware logic. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) NULL pointer dereference

EUVDB-ID: #VU87192

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22099

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Use-after-free

EUVDB-ID: #VU91600

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23848

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within cec_queue_msg_fh(), related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Race condition

EUVDB-ID: #VU91634

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24861

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the xc4000_get_frequency() function in the media/xc4000 device driver. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Improper check for unusual or exceptional conditions

EUVDB-ID: #VU92399

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-25739

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an improper check for unusual or exceptional conditions within the ubi_read_volume_table() function in drivers/mtd/ubi/vtbl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Improper locking

EUVDB-ID: #VU93770

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26601

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_mb_generate_buddy() and mb_free_blocks() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) NULL pointer dereference

EUVDB-ID: #VU90628

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26611

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the bpf_sk_base_func_proto(), bpf_xdp_frags_increase_tail() and bpf_xdp_frags_shrink_tail() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Resource management error

EUVDB-ID: #VU91320

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26614

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) NULL pointer dereference

EUVDB-ID: #VU90621

Risk: Low

CVSSv3.1: 3.2 [AV:L/AC:L/PR:L/UI:U/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26632

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference in include/linux/bio.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Use of uninitialized resource

EUVDB-ID: #VU90881

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26638

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the __sock_xmit() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Improper access control

EUVDB-ID: #VU88150

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26642

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Race condition

EUVDB-ID: #VU88135

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26643

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the nf_tables_unbind_set() function in net/netfilter/nf_tables_api.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Double free

EUVDB-ID: #VU90898

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26652

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pdsc_auxbus_dev_register() function in drivers/net/ethernet/amd/pds_core/auxbus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Race condition

EUVDB-ID: #VU88148

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26654

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Use-after-free

EUVDB-ID: #VU88145

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26656

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to crash the kernel.

The vulnerability exists due to a use-after-free error in drivers/gpu/drm/amd/amdgpu/amdgpu_hmm.c. A local user can send a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU88146

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26657

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in drivers/gpu/drm/scheduler/sched_entity.c. A local user can send an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Buffer overflow

EUVDB-ID: #VU92977

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26671

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Input validation error

EUVDB-ID: #VU94118

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26673

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the nft_ct_expect_obj_init() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Improper error handling

EUVDB-ID: #VU92946

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26674

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the SYM_CODE_START_LOCAL() function in arch/x86/lib/putuser.S and within the SYM_CODE_END() function in arch/x86/lib/getuser.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Input validation error

EUVDB-ID: #VU90858

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26675

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ppp_async_ioctl() function in drivers/net/ppp/ppp_async.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Improper locking

EUVDB-ID: #VU92044

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26679

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the EXPORT_SYMBOL() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Improper error handling

EUVDB-ID: #VU90952

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26684

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the dwxgmac3_handle_dma_err(), dwxgmac3_safety_feat_config(), dwxgmac3_safety_feat_irq_status() and dwxgmac3_safety_feat_dump() functions in drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Race condition

EUVDB-ID: #VU91481

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26685

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the nilfs_segctor_prepare_write(), nilfs_abort_logs() and nilfs_segctor_complete_write() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Resource management error

EUVDB-ID: #VU93646

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26692

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to improper management of internal resources within the smb3_fs_context_parse_param() function in fs/smb/client/fs_context.c and within the cifs_mount_get_tcon() function in fs/smb/client/connect.c. A local user can corrupt data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Improper locking

EUVDB-ID: #VU90795

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26696

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_page_mkwrite() function in fs/nilfs2/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Information disclosure

EUVDB-ID: #VU91365

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26697

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the nilfs_prepare_segment_for_recovery(), nilfs_recovery_copy_block() and nilfs_recover_dsync_blocks() functions in fs/nilfs2/recovery.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Double free

EUVDB-ID: #VU90929

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26704

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Input validation error

EUVDB-ID: #VU94137

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26714

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within drivers/interconnect/qcom/sc8180x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper locking

EUVDB-ID: #VU90791

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26726

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the clear_extent_uptodate() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) NULL pointer dereference

EUVDB-ID: #VU90593

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26731

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sk_psock_verdict_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Buffer overflow

EUVDB-ID: #VU92952

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26733

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Buffer overflow

EUVDB-ID: #VU92007

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26736

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the afs_update_volume_status() function in fs/afs/volume.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Race condition

EUVDB-ID: #VU88938

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26737

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition between the bpf_timer_cancel_and_free and bpf_timer_cancel calls in kernel/bpf/helpers.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Use-after-free

EUVDB-ID: #VU90214

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26739

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Improper locking

EUVDB-ID: #VU90789

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26740

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mirred_egress_to_ingress_tcp_test() function in tools/testing/selftests/net/forwarding/tc_actions.sh, and within the is_mirred_nested() and tcf_mirred_to_dev() functions in net/sched/act_mirred.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Resource management error

EUVDB-ID: #VU93205

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26742

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the pqi_map_queues() function in drivers/scsi/smartpqi/smartpqi_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Resource management error

EUVDB-ID: #VU93777

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26756

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the raid5_run() and raid5_start_reshape() functions in drivers/md/raid5.c, within the raid10_run() and clear_bit() functions in drivers/md/raid10.c, and within the md_start_sync() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Resource management error

EUVDB-ID: #VU93778

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26757

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the sysfs_notify_dirent_safe() and md_check_recovery() functions in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) NULL pointer dereference

EUVDB-ID: #VU90599

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26760

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference in drivers/target/target_core_pscsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Resource management error

EUVDB-ID: #VU93779

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26761

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Resource management error

EUVDB-ID: #VU93844

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26764

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Improper locking

EUVDB-ID: #VU90787

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26769

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nvmet_fc_tgt_a_get(), __nvmet_fc_finish_ls_req() and nvmet_fc_register_targetport() functions in drivers/nvme/target/fc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Improper locking

EUVDB-ID: #VU92041

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26772

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Improper locking

EUVDB-ID: #VU93787

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26773

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Division by zero

EUVDB-ID: #VU93751

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26774

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the mb_update_avg_fragment_size() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Improper locking

EUVDB-ID: #VU90786

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26775

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the aoeblk_gdalloc() function in drivers/block/aoe/aoeblk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Race condition

EUVDB-ID: #VU91480

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26779

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the ieee80211_check_fast_xmit() function in net/mac80211/tx.c and within the sta_info_insert_finish() function in net/mac80211/sta_info.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Resource management error

EUVDB-ID: #VU93473

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26783

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the numamigrate_isolate_page() function in mm/migrate.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Improper resource shutdown or release

EUVDB-ID: #VU93748

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26786

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a failure to properly release resources within the iopt_add_access() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Out-of-bounds read

EUVDB-ID: #VU91098

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26791

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the btrfs_check_replace_dev_names() and btrfs_dev_replace_by_ioctl() functions in fs/btrfs/dev-replace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Use-after-free

EUVDB-ID: #VU90211

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26793

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gtp_init() function in drivers/net/gtp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Improper locking

EUVDB-ID: #VU90783

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26794

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the emit_fiemap_extent() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) NULL pointer dereference

EUVDB-ID: #VU90589

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26802

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the stmmac_fpe_stop_wq() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Use of uninitialized resource

EUVDB-ID: #VU90879

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26805

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the netlink_group_mask() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) Buffer overflow

EUVDB-ID: #VU91202

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26807

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the cqspi_remove(), cqspi_suspend() and cqspi_resume() functions in drivers/spi/spi-cadence-quadspi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Out-of-bounds read

EUVDB-ID: #VU90326

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26815

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Memory leak

EUVDB-ID: #VU91650

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26816

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Resource management error

EUVDB-ID: #VU93872

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26822

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Integer underflow

EUVDB-ID: #VU91674

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26828

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Race condition

EUVDB-ID: #VU91478

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26832

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Resource management error

EUVDB-ID: #VU93776

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26836

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the current_value_store() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Memory leak

EUVDB-ID: #VU93610

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26844

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the bio_copy_user_iov() function in block/blk-map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Double free

EUVDB-ID: #VU90896

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26846

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the LIST_HEAD(), nvme_fc_free_lport(), nvme_fc_init_module(), device_destroy() and nvme_fc_delete_controllers() functions in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) Improper locking

EUVDB-ID: #VU91526

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26848

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the afs_dir_iterate_block() function in fs/afs/dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Buffer overflow

EUVDB-ID: #VU91201

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26853

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the igc_xdp_xmit() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) Improper locking

EUVDB-ID: #VU91525

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26854

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_dpll_init() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) NULL pointer dereference

EUVDB-ID: #VU90576

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26855

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Use-after-free

EUVDB-ID: #VU91063

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26856

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sparx5_del_mact_entry() function in drivers/net/ethernet/microchip/sparx5/sparx5_mactable.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Use of uninitialized resource

EUVDB-ID: #VU90876

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26857

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the geneve_rx() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) NULL pointer dereference

EUVDB-ID: #VU90570

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26858

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mlx5e_txwqe_complete() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Memory leak

EUVDB-ID: #VU89999

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26860

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the dm_integrity_rw_tag() function in drivers/md/dm-integrity.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Race condition within a thread

EUVDB-ID: #VU91433

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26861

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the decrypt_packet(), counter_validate() and wg_packet_rx_poll() functions in drivers/net/wireguard/receive.c. A local user can manipulate data.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Race condition within a thread

EUVDB-ID: #VU91434

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26862

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, and within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Use-after-free

EUVDB-ID: #VU90196

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26866

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) NULL pointer dereference

EUVDB-ID: #VU90571

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26868

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ff_layout_cancel_io() function in fs/nfs/flexfilelayout/flexfilelayout.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Buffer overflow

EUVDB-ID: #VU92006

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26870

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) NULL pointer dereference

EUVDB-ID: #VU90574

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26878

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the dquot_mark_dquot_dirty(), __dquot_alloc_space(), dquot_alloc_inode(), EXPORT_SYMBOL(), dquot_claim_space_nodirty(), dquot_reclaim_space_nodirty(), __dquot_free_space(), dquot_free_inode() and __dquot_transfer() functions in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) NULL pointer dereference

EUVDB-ID: #VU90578

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26881

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the hclge_ptp_get_rx_hwts() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Use of uninitialized resource

EUVDB-ID: #VU90878

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26882

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to use of an uninitialized resource within the ip_tunnel_rcv() function in net/ipv4/ip_tunnel.c. A local user can execute arbitrary code.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) Buffer overflow

EUVDB-ID: #VU91602

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26883

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the stack_map_alloc() function in kernel/bpf/stackmap.c on a 32-bit platform. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Buffer overflow

EUVDB-ID: #VU91604

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26884

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the htab_map_alloc() function in kernel/bpf/hashtab.c on 32-bit platforms. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) Buffer overflow

EUVDB-ID: #VU89840

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26885

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) Use-after-free

EUVDB-ID: #VU90197

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26898

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c and within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Improper locking

EUVDB-ID: #VU90780

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26899

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the DEFINE_MUTEX(), bd_link_disk_holder(), kfree() and bd_unlink_disk_holder() functions in block/holder.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) Memory leak

EUVDB-ID: #VU90468

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26900

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Information disclosure

EUVDB-ID: #VU91363

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26901

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to information disclosure within the do_sys_name_to_handle() function in fs/fhandle.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) NULL pointer dereference

EUVDB-ID: #VU92070

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26903

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) Improper error handling

EUVDB-ID: #VU92944

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26906

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Use-after-free

EUVDB-ID: #VU90198

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26909

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pmic_glink_altmode_probe() function in drivers/soc/qcom/pmic_glink_altmode.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Integer underflow

EUVDB-ID: #VU91672

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26921

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, and within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Input validation error

EUVDB-ID: #VU89054

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26922

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the amdgpu_vm_bo_insert_map(), amdgpu_vm_bo_map(), amdgpu_vm_bo_replace_map(), and amdgpu_vm_bo_clear_mappings() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can pass specially crafted input to the driver and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) Improper locking

EUVDB-ID: #VU92035

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26923

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c, because the garbage collector does not take into account the risk of an embryo getting enqueued during garbage collection. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Improper locking

EUVDB-ID: #VU92034

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26925

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Use-after-free

EUVDB-ID: #VU90192

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26928

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) Double free

EUVDB-ID: #VU90926

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26932

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a double free error within the tcpm_port_unregister_pd() function in drivers/usb/typec/tcpm/tcpm.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Improper locking

EUVDB-ID: #VU90777

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26933

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Improper locking

EUVDB-ID: #VU90776

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26934

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Information disclosure

EUVDB-ID: #VU91358

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26935

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) Reachable assertion

EUVDB-ID: #VU90909

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26937

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the gen11_emit_fini_breadcrumb_rcs() function in drivers/gpu/drm/i915/gt/intel_lrc.c and the __engine_park() function in drivers/gpu/drm/i915/gt/intel_engine_pm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) Resource management error

EUVDB-ID: #VU92986

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26938

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the intel_bios_encoder_supports_dp_dual_mode() function in drivers/gpu/drm/i915/display/intel_bios.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) Resource management error

EUVDB-ID: #VU93394

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26940

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the vmw_debugfs_resource_managers_init() function in drivers/gpu/drm/vmwgfx/vmwgfx_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) NULL pointer dereference

EUVDB-ID: #VU90527

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26943

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) Division by zero

EUVDB-ID: #VU91376

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26945

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the save_iaa_wq() and remove_iaa_wq() functions in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

168) Input validation error

EUVDB-ID: #VU93686

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26946

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the can_probe() function in arch/x86/kernel/kprobes/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

169) Input validation error

EUVDB-ID: #VU94134

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26948

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the dc_state_free() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

170) NULL pointer dereference

EUVDB-ID: #VU90562

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26949

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the smu_v13_0_7_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c, the smu_v13_0_0_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c, the sienna_cichlid_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c, the navi10_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c, and the arcturus_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

171) NULL pointer dereference

EUVDB-ID: #VU91460

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26950

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the get_peer() function in drivers/net/wireguard/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

172) Use-after-free

EUVDB-ID: #VU90187

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26951

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the wg_get_device_dump() function in drivers/net/wireguard/netlink.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

173) Buffer overflow

EUVDB-ID: #VU93155

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26956

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the nilfs_direct_lookup_contig() function in fs/nilfs2/direct.c and the nilfs_btree_lookup_contig() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

174) Use-after-free

EUVDB-ID: #VU91062

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26957

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the zcrypt_pick_queue() and zcrypt_drop_queue() functions in drivers/s390/crypto/zcrypt_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

175) Use-after-free

EUVDB-ID: #VU90183

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26958

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the wait_on_commit() function in fs/nfs/write.c and the nfs_direct_commit_schedule() function in fs/nfs/direct.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

176) Race condition

EUVDB-ID: #VU91475

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26960

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

177) Use-after-free

EUVDB-ID: #VU90186

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26961

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

178) Improper locking

EUVDB-ID: #VU90775

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26962

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the make_stripe_request(), raid5_make_request(), raid5_start() and raid5_init() functions in drivers/md/raid5.c, the is_suspended() and md_account_bio() functions in drivers/md/md.c, and the raid_map(), raid_message(), raid_presuspend() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

179) Resource management error

EUVDB-ID: #VU93601

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26963

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the dwc3_ti_remove_core() and dwc3_ti_remove() functions in drivers/usb/dwc3/dwc3-am62.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

180) NULL pointer dereference

EUVDB-ID: #VU90561

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26964

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xhci_map_temp_buffer() function in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

181) Memory leak

EUVDB-ID: #VU90465

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26972

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mutex_unlock() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

182) Information disclosure

EUVDB-ID: #VU91360

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26973

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the fat_encode_fh_nostale() function in fs/fat/nfs.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

183) NULL pointer dereference

EUVDB-ID: #VU90559

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26978

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the max310x_i2c_slave_addr() function in drivers/tty/serial/max310x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

184) NULL pointer dereference

EUVDB-ID: #VU90558

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26979

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the vmw_resource_context_res_add(), vmw_cmd_dx_define_query(), vmw_cmd_dx_view_define(), vmw_cmd_dx_so_define(), vmw_cmd_dx_define_shader() and vmw_cmd_dx_define_streamoutput() functions in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

185) Out-of-bounds read

EUVDB-ID: #VU90318

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26981

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read of the nilfs_type_by_mode[] array in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

186) Input validation error

EUVDB-ID: #VU90857

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26982

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the squashfs_new_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

187) Use-after-free

EUVDB-ID: #VU90188

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26983

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xbc_alloc_mem(), xbc_parse_tree() and xbc_init() functions in lib/bootconfig.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

188) NULL pointer dereference

EUVDB-ID: #VU90557

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26984

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nv50_instobj_acquire() function in drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

189) Memory leak

EUVDB-ID: #VU89994

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26986

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the kfd_create_process() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

190) Buffer overflow

EUVDB-ID: #VU93305

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26988

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the setup_command_line() function in init/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

191) Resource management error

EUVDB-ID: #VU93297

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26989

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the kernel_page_present() function in arch/arm64/mm/pageattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

192) Incorrect calculation

EUVDB-ID: #VU93760

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26990

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the kvm_tdp_mmu_try_split_huge_pages(), kvm_tdp_mmu_clear_dirty_slot() and clear_dirty_pt_masked() functions in arch/x86/kvm/mmu/tdp_mmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

193) Out-of-bounds read

EUVDB-ID: #VU90319

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26991

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the kvm_arch_post_set_memory_attributes() function in arch/x86/kvm/mmu/mmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

194) Information disclosure

EUVDB-ID: #VU91356

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26992

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the vmx_get_perf_capabilities() function in arch/x86/kvm/vmx/vmx.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

195) Information disclosure

EUVDB-ID: #VU91355

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26993

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the sysfs_break_active_protection() function in fs/sysfs/file.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

196) Buffer overflow

EUVDB-ID: #VU93243

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26994

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the get_word() function in drivers/accessibility/speakup/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

197) Off-by-one

EUVDB-ID: #VU91175

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26995

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the tcpm_pd_set() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

198) Use-after-free

EUVDB-ID: #VU90184

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26996

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ncm_set_alt() and ncm_disable() functions in drivers/usb/gadget/function/f_ncm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

199) Input validation error

EUVDB-ID: #VU93871

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26997

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the dwc2_cmpl_host_isoc_dma_desc() function in drivers/usb/dwc2/hcd_ddma.c in the DDMA completion flow. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

200) Improper locking

EUVDB-ID: #VU91449

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26999

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the pmz_receive_chars() function in drivers/tty/serial/pmac_zilog.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

201) Improper locking

EUVDB-ID: #VU91450

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27000

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mxs_auart_set_ldisc() and mxs_auart_irq_handle() functions in drivers/tty/serial/mxs-auart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

202) Resource management error

EUVDB-ID: #VU92969

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27001

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the vmk80xx_find_usb_endpoints() function in drivers/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

203) Improper locking

EUVDB-ID: #VU90772

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27002

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mtk_clk_simple_probe() and mtk_free_clk_data() functions in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

204) Improper locking

EUVDB-ID: #VU90771

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27003

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the clk_summary_show_subtree(), clk_summary_show() and clk_dump_show() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

205) Improper locking

EUVDB-ID: #VU90770

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27004

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the HLIST_HEAD(), clk_pm_runtime_put(), clk_unprepare_unused_subtree(), clk_disable_unused_subtree(), __setup(), clk_disable_unused(), __clk_release() and __clk_register() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

206) Out-of-bounds read

EUVDB-ID: #VU91095

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27008

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the apply_dcb_encoder_quirks() and fabricate_dcb_encoder_table() functions in drivers/gpu/drm/nouveau/nouveau_bios.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

207) Improper locking

EUVDB-ID: #VU91521

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27013

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tun_put_user() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

208) Improper locking

EUVDB-ID: #VU90768

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27014

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5e_arfs_enable(), arfs_del_rules(), arfs_handle_work() and mlx5e_rx_flow_steer() functions in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

209) Improper locking

EUVDB-ID: #VU92030

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27022

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the dup_mmap() function in kernel/fork.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

210) Incorrect calculation

EUVDB-ID: #VU93758

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27027

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the dpll_xa_ref_pin_del() and dpll_xa_ref_dpll_del() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

211) NULL pointer dereference

EUVDB-ID: #VU90555

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27028

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mtk_spi_interrupt() function in drivers/spi/spi-mt65xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

212) Out-of-bounds read

EUVDB-ID: #VU90316

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27029

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mmhub_v3_3_print_l2_protection_fault_status() function in drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

213) Race condition

EUVDB-ID: #VU91473

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27030

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the rvu_queue_work(), rvu_mbox_intr_handler() and rvu_register_interrupts() functions in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

214) Improper locking

EUVDB-ID: #VU90764

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27031

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nfs_netfs_issue_read() function in fs/nfs/fscache.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

215) Infinite loop

EUVDB-ID: #VU93066

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27036

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the cifs_partialpagewrite(), cifs_extend_writeback(), cifs_write_back_from_locked_folio(), cifs_writepages_region() and cifs_writepages() functions in fs/smb/client/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

216) NULL pointer dereference

EUVDB-ID: #VU90519

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27046

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nfp_fl_lag_do_work() function in drivers/net/ethernet/netronome/nfp/flower/lag_conf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

217) Resource management error

EUVDB-ID: #VU92983

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27056

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the iwl_mvm_sta_ensure_queue() function in drivers/net/wireless/intel/iwlwifi/mvm/sta.c and within the __iwl_mvm_suspend() function in drivers/net/wireless/intel/iwlwifi/mvm/d3.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

218) Resource management error

EUVDB-ID: #VU92984

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27057

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the sof_ipc4_set_multi_pipeline_state() function in sound/soc/sof/ipc4-pcm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

219) Race condition

EUVDB-ID: #VU91471

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27062

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the nvkm_object_search() and nvkm_object_remove() functions in drivers/gpu/drm/nouveau/nvkm/core/object.c and within the nvkm_client_new() function in drivers/gpu/drm/nouveau/nvkm/core/client.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

220) Resource management error

EUVDB-ID: #VU93195

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27067

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the evtchn_free_ring(), evtchn_interrupt() and evtchn_unbind_from_user() functions in drivers/xen/evtchn.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

221) Improper locking

EUVDB-ID: #VU90766

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27080

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the try_release_extent_state(), flush_fiemap_cache(), emit_fiemap_extent(), fiemap_search_slot(), fiemap_process_hole(), extent_fiemap(), i_size_read() and unlock_extent() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

222) Memory leak

EUVDB-ID: #VU90449

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27388

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the gssx_dec_option_array() function in net/sunrpc/auth_gss/gss_rpc_xdr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

223) Resource management error

EUVDB-ID: #VU91608

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27389

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the pstore_put_backend_records() function in fs/pstore/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

224) Memory leak

EUVDB-ID: #VU89353

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27393

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the xennet_alloc_one_rx_buffer() function in the xen-netback implementation. A malicious guest userspace process can exhaust memory resources within the guest kernel and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

225) Use-after-free

EUVDB-ID: #VU90169

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27395

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ovs_ct_limit_exit() function in net/openvswitch/conntrack.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

226) Use-after-free

EUVDB-ID: #VU90168

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27396

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gtp_dellink() function in drivers/net/gtp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

227) Use-after-free

EUVDB-ID: #VU89672

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27398

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

228) NULL pointer dereference

EUVDB-ID: #VU89673

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27399

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

229) Resource management error

EUVDB-ID: #VU89674

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27400

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in the amdgpu driver. A local user can crash the OS kernel.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

230) Buffer overflow

EUVDB-ID: #VU89675

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27401

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

231) Buffer overflow

EUVDB-ID: #VU93154

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27405

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

232) Race condition

EUVDB-ID: #VU91470

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27408

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the dw_edma_v0_core_write_chunk() and dw_edma_v0_core_start() functions in drivers/dma/dw-edma/dw-edma-v0-core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

233) Resource management error

EUVDB-ID: #VU93870

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27410

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the nl80211_set_interface() function in net/wireless/nl80211.c. A local user can manipulate the interface mesh ID and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

234) Buffer overflow

EUVDB-ID: #VU93804

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27411

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the r535_gsp_postinit() and r535_gsp_dtor() functions in drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

235) Resource management error

EUVDB-ID: #VU93194

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27412

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the bq27xxx_battery_i2c_remove() function in drivers/power/supply/bq27xxx_battery_i2c.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

236) Buffer overflow

EUVDB-ID: #VU93470

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27413

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

237) Information disclosure

EUVDB-ID: #VU93869

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27416

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error within the hci_io_capa_request_evt() function in net/bluetooth/hci_event.c when handling HCI_EV_IO_CAPA_REQUEST packets. A remote attacker on the local network can force the system to assume that the remote peer supports SSP and potentially gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

238) Information disclosure

EUVDB-ID: #VU91349

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27417

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the inet6_rtm_getaddr() function in net/ipv6/addrconf.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

239) Information disclosure

EUVDB-ID: #VU91348

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27418

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the mctp_local_output() function in net/mctp/route.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

240) Use of uninitialized resource

EUVDB-ID: #VU92003

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27431

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the cpu_map_bpf_prog_run_xdp() function in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

241) Resource management error

EUVDB-ID: #VU93774

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27432

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the mtk_ppe_start() and mtk_ppe_stop() functions in drivers/net/ethernet/mediatek/mtk_ppe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

242) Input validation error

EUVDB-ID: #VU93681

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27434

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the iwl_mvm_get_sec_flags() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

243) Improper locking

EUVDB-ID: #VU90758

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27435

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nvme_alloc_admin_tag_set() and nvme_alloc_io_tag_set() functions in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

244) Out-of-bounds write

EUVDB-ID: #VU93594

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27436

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds write within the convert_chmap() function in sound/usb/stream.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

245) Improper locking

EUVDB-ID: #VU90757

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35784

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the fiemap_process_hole(), extent_fiemap(), btrfs_free_path() and emit_last_fiemap_cache() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

246) Improper locking

EUVDB-ID: #VU90759

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35786

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nouveau_gem_ioctl_pushbuf() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

247) Out-of-bounds read

EUVDB-ID: #VU90311

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35788

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dcn35_clk_mgr_helper_populate_bw_params() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

248) Use-after-free

EUVDB-ID: #VU90167

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35789

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_change_station() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

249) NULL pointer dereference

EUVDB-ID: #VU90554

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35790

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

250) Use-after-free

EUVDB-ID: #VU90165

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35791

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the svm_register_enc_region() function in arch/x86/kvm/svm/sev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

251) Improper locking

EUVDB-ID: #VU90760

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35794

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the md_clean() and __md_stop_writes() functions in drivers/md/md.c, and within the raid_message(), raid_postsuspend(), raid_preresume() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

252) Improper locking

EUVDB-ID: #VU90756

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35795

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the amdgpu_debugfs_mqd_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

253) NULL pointer dereference

EUVDB-ID: #VU90553

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35796

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the temac_probe() function in drivers/net/ethernet/xilinx/ll_temac_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

254) Input validation error

EUVDB-ID: #VU93448

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35799

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the dce110_disable_stream() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

255) NULL pointer dereference

EUVDB-ID: #VU93056

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35800

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the generic_ops_supported() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

256) Input validation error

EUVDB-ID: #VU93680

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35801

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the fpu__init_cpu_xstate() function in arch/x86/kernel/fpu/xstate.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

257) Buffer overflow

EUVDB-ID: #VU93151

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35803

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the SYM_FUNC_START(), SYM_FUNC_START_LOCAL() and SYM_DATA_END() functions in arch/x86/boot/compressed/efi_mixed.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

258) Buffer overflow

EUVDB-ID: #VU93152

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35804

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the emulator_cmpxchg_emulated() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

259) Improper locking

EUVDB-ID: #VU90755

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35806

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qm_congestion_task() and qman_create_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

260) Improper locking

EUVDB-ID: #VU90754

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35808

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the raid_message() function in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

261) Improper error handling

EUVDB-ID: #VU90947

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35809

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the pci_device_remove() function in drivers/pci/pci-driver.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

262) Buffer overflow

EUVDB-ID: #VU93666

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35810

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the vmw_du_cursor_mob_size() and vmw_du_cursor_plane_cleanup_fb() functions in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

263) Use-after-free

EUVDB-ID: #VU90164

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35811

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

264) Improper error handling

EUVDB-ID: #VU90946

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35812

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the service_outstanding_interrupt() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

265) Incorrect calculation

EUVDB-ID: #VU93614

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35813

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the __mmc_blk_ioctl_cmd() function in drivers/mmc/core/block.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

266) Resource management error

EUVDB-ID: #VU91612

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35814

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to double allocation of slots within the swiotlb_area_find_slots() function in kernel/dma/swiotlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

267) Resource management error

EUVDB-ID: #VU93271

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35815

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the aio_setup_ring() and kiocb_set_cancel_fn() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

268) Resource management error

EUVDB-ID: #VU93595

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35817

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

269) Improper locking

EUVDB-ID: #VU91448

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35819

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qman_create_portal(), qm_congestion_task(), qman_create_cgr(), qman_delete_cgr() and qman_update_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

270) Improper locking

EUVDB-ID: #VU92025

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35821

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the write_begin_slow(), ubifs_write_begin() and ubifs_write_end() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

271) Improper locking

EUVDB-ID: #VU93464

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35822

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the usb_ep_queue() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

272) Buffer overflow

EUVDB-ID: #VU93153

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35823

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the vc_uniscr_delete() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

273) Resource management error

EUVDB-ID: #VU93600

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35824

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the lis3lv02d_i2c_suspend() and lis3lv02d_i2c_resume() functions in drivers/misc/lis3lv02d/lis3lv02d_i2c.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

274) Buffer overflow

EUVDB-ID: #VU93241

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35825

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

275) Memory leak

EUVDB-ID: #VU90447

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35828

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the lbs_allocate_cmd_buffer() function in drivers/net/wireless/marvell/libertas/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

276) Memory leak

EUVDB-ID: #VU90446

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35829

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the lima_heap_alloc() function in drivers/gpu/drm/lima/lima_gem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

277) Resource management error

EUVDB-ID: #VU93591

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35830

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the tc358743_probe() function in drivers/media/i2c/tc358743.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

278) Memory leak

EUVDB-ID: #VU89986

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35833

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

279) Improper locking

EUVDB-ID: #VU93465

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35834

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the xsk_rcv_zc() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

280) Double free

EUVDB-ID: #VU90923

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35835

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the arfs_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

281) Use-after-free

EUVDB-ID: #VU93349

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35836

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dpll_msg_add_pin_freq(), dpll_pin_is_freq_supported(), dpll_cmd_pin_get_one(), dpll_pin_on_pin_state_set(), dpll_pin_state_set(), dpll_pin_prio_set(), dpll_pin_direction_set(), dpll_pin_phase_adj_set() and dpll_pin_find() functions in drivers/dpll/dpll_netlink.c, and within the dpll_device_unregister(), dpll_pin_alloc(), dpll_pin_put() and dpll_pin_on_pin_register() functions in drivers/dpll/dpll_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

282) Use of uninitialized resource

EUVDB-ID: #VU93435

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35837

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the mvpp2_bm_pool_cleanup() and mvpp2_bm_init() functions in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

283) Information disclosure

EUVDB-ID: #VU91346

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35838

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the sta_info_free() function in net/mac80211/sta_info.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

284) Infinite loop

EUVDB-ID: #VU93064

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35841

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

285) NULL pointer dereference

EUVDB-ID: #VU90551

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35842

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mtk_sof_dai_link_fixup() function in sound/soc/mediatek/common/mtk-dsp-sof-common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

286) Input validation error

EUVDB-ID: #VU91609

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35845

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the iwl_dbg_tlv_alloc_debug_info() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

287) Double free

EUVDB-ID: #VU90891

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35847

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

288) Information disclosure

EUVDB-ID: #VU91345

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35849

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the init_data_container() function in fs/btrfs/backref.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

289) NULL pointer dereference

EUVDB-ID: #VU90840

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35850

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the qca_debugfs_init() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

290) NULL pointer dereference

EUVDB-ID: #VU90839

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35851

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the qca_prevent_wake() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

291) Memory leak

EUVDB-ID: #VU89983

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35852

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mlxsw_sp_acl_tcam_vregion_destroy() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

292) Use-after-free

EUVDB-ID: #VU90162

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35854

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

293) Incorrect calculation

EUVDB-ID: #VU93755

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35860

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the bpf_kprobe_multi_link_fill_link_info() and bpf_uprobe_multi_link_dealloc() functions in kernel/trace/bpf_trace.c and within the bpf_link_inc() and bpf_raw_tp_link_fill_link_info() functions in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

294) Use-after-free

EUVDB-ID: #VU90150

Risk: Medium

CVSSv3.1: 5 [AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35861

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

295) Use-after-free

EUVDB-ID: #VU90152

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35862

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

296) Use-after-free

EUVDB-ID: #VU90151

Risk: Medium

CVSSv3.1: 5 [AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35863

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

297) Use-after-free

EUVDB-ID: #VU90149

Risk: Medium

CVSSv3.1: 5 [AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35864

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

298) Use-after-free

EUVDB-ID: #VU90148

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35865

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_valid_oplock_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

299) Use-after-free

EUVDB-ID: #VU90153

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35866

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_dump_full_key() function in fs/smb/client/ioctl.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

300) Use-after-free

EUVDB-ID: #VU90154

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35867

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

301) Use-after-free

EUVDB-ID: #VU90155

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35868

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_stats_proc_write() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

302) Use-after-free

EUVDB-ID: #VU90157

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35869

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the tcon_info_alloc() and tconInfoFree() functions in fs/smb/client/misc.c, within the dfs_cache_remount_fs() function in fs/smb/client/dfs_cache.c, within the get_session(), __dfs_mount_share() and dfs_mount_share() functions in fs/smb/client/dfs.c, and within the match_session(), cifs_get_smb_ses(), cifs_mount_put_conns() and cifs_mount() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

303) Use-after-free

EUVDB-ID: #VU90158

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35870

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_mark_tcp_ses_conns_for_reconnect() and cifs_find_smb_ses() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

304) Resource management error

EUVDB-ID: #VU93256

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35872

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

305) Input validation error

EUVDB-ID: #VU93678

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35875

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the setup_arch() function in arch/x86/kernel/setup.c and within the cc_mkdec() function in arch/x86/coco/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

306) Memory leak

EUVDB-ID: #VU91638

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35877

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the follow_phys() function in mm/memory.c and within the is_cow_mapping(), free_pfn_range() and untrack_pfn() functions in arch/x86/mm/pat.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

307) NULL pointer dereference

EUVDB-ID: #VU90508

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35878

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the of_modalias() function in drivers/of/module.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

308) Memory leak

EUVDB-ID: #VU89979

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35879

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pr_fmt() and of_changeset_destroy() functions in drivers/of/dynamic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

309) Memory leak

EUVDB-ID: #VU89977

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35883

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pci1xxxx_spi_probe() function in drivers/spi/spi-pci1xxxx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

310) NULL pointer dereference

EUVDB-ID: #VU90509

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35885

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlxbf_gige_shutdown() function in drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

311) Use-after-free

EUVDB-ID: #VU90159

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35887

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ax25_dev_device_down() function in net/ax25/ax25_dev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

312) Input validation error

EUVDB-ID: #VU93427

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35889

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the idpf_rx_process_skb_fields() function in drivers/net/ethernet/intel/idpf/idpf_txrx.c when handling unknown packet types. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

313) NULL pointer dereference

EUVDB-ID: #VU90511

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35891

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lan8814_txtstamp(), lan8814_get_sig_rx(), lan8814_match_rx_ts(), lan8814_ptpci_adjfine(), lan8814_get_sig_tx(), lan8814_dequeue_tx_skb() and lan8814_match_skb() functions in drivers/net/phy/micrel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

314) Improper locking

EUVDB-ID: #VU90752

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35895

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

315) Resource management error

EUVDB-ID: #VU93192

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35901

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

316) Input validation error

EUVDB-ID: #VU93677

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35903

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the emit_call() function in arch/x86/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

317) NULL pointer dereference

EUVDB-ID: #VU93461

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35904

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_sel_fs() function in security/selinux/selinuxfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

318) Out-of-bounds read

EUVDB-ID: #VU90307

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35905

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

319) Out-of-bounds read

EUVDB-ID: #VU90308

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35907

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mlxbf_gige_open() function in drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

320) Buffer overflow

EUVDB-ID: #VU93308

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35909

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the t7xx_pcie_mac_atr_tables_dis() and t7xx_pcie_mac_atr_cfg() functions in drivers/net/wwan/t7xx/t7xx_pcie_mac.c, within the t7xx_cldma_gpd_rx_from_q() and t7xx_cldma_txq_empty_hndl() functions in drivers/net/wwan/t7xx/t7xx_hif_cldma.c, and within the t7xx_cldma_tx_addr_is_set() and t7xx_cldma_hw_set_start_addr() functions in drivers/net/wwan/t7xx/t7xx_cldma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

321) NULL pointer dereference

EUVDB-ID: #VU90513

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35911

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ice_vsi_rebuild() function in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

322) Memory leak

EUVDB-ID: #VU91640

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35912

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the iwl_rfi_get_freq_table() function in drivers/net/wireless/intel/iwlwifi/mvm/rfi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

323) Improper locking

EUVDB-ID: #VU90753

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35914

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the lock_rename() and unlock_rename() functions in fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

324) Use of uninitialized resource

EUVDB-ID: #VU90874

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35915

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the nci_rx_work() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

325) NULL pointer dereference

EUVDB-ID: #VU90512

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35916

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sanitycheck() function in drivers/dma-buf/st-dma-fence-chain.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

326) NULL pointer dereference

EUVDB-ID: #VU90546

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35917

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the bpf_skip(), asm(), bpf_jit_epilogue(), bpf_int_jit_compile(), bpf_jit_supports_far_kfunc_call() and bpf_arch_text_poke() functions in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

327) Improper Initialization

EUVDB-ID: #VU93608

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35921

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the vdec_hevc_slice_init() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_hevc_req_multi_if.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

328) Division by zero

EUVDB-ID: #VU91372

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35922

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the fb_get_mode() and fb_videomode_from_videomode() functions in drivers/video/fbdev/core/fbmon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

329) Buffer overflow

EUVDB-ID: #VU93623

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35924

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ucsi_read_message_in(), ucsi_read_error(), ucsi_send_command() and ucsi_register() functions in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

330) Use of uninitialized resource

EUVDB-ID: #VU93083

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35927

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the reschedule_output_poll_work() and EXPORT_SYMBOL() functions in drivers/gpu/drm/drm_probe_helper.c, and within the drm_mode_config_helper_suspend() and drm_mode_config_helper_resume() functions in drivers/gpu/drm/drm_modeset_helper.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

331) Memory leak

EUVDB-ID: #VU89975

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35928

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the amdgpu_device_init() and amdgpu_vf_error_trans_all() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

332) Memory leak

EUVDB-ID: #VU89976

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35930

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the lpfc_rcv_padisc() function in drivers/scsi/lpfc/lpfc_nportdisc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

333) Improper error handling

EUVDB-ID: #VU90943

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35931

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the amdgpu_pci_slot_reset() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

334) Use-after-free

EUVDB-ID: #VU90146

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35932

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vc4_prepare_fb() and vc4_cleanup_fb() functions in drivers/gpu/drm/vc4/vc4_plane.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

335) NULL pointer dereference

EUVDB-ID: #VU90507

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35933

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the btintel_read_version() function in drivers/bluetooth/btintel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

336) Improper error handling

EUVDB-ID: #VU90944

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35935

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the iterate_inode_ref() function in fs/btrfs/send.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

337) Improper error handling

EUVDB-ID: #VU90942

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35936

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mutex_unlock() function in fs/btrfs/volumes.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

338) Out-of-bounds read

EUVDB-ID: #VU91093

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35937

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ieee80211_amsdu_subframe_length(), ieee80211_is_valid_amsdu() and ieee80211_amsdu_to_8023s() functions in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

339) Buffer overflow

EUVDB-ID: #VU93240

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35938

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ARRAY_SIZE() function in drivers/net/wireless/ath/ath11k/mhi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

340) NULL pointer dereference

EUVDB-ID: #VU90542

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35940

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the psz_kmsg_read() function in fs/pstore/zone.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

341) NULL pointer dereference

EUVDB-ID: #VU90544

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35943

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the omap_prm_domain_init() function in drivers/pmdomain/ti/omap_prm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

342) Resource management error

EUVDB-ID: #VU93839

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35944

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the dg_dispatch_as_host() function in drivers/misc/vmw_vmci/vmci_datagram.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

343) Improper error handling

EUVDB-ID: #VU92056

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35945

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the phy_sfp_probe(), phy_attach_direct() and phy_get_internal_delay() functions in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

344) NULL pointer dereference

EUVDB-ID: #VU90545

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35946

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the rtw89_ops_bss_info_changed() and rtw89_ops_remain_on_channel() functions in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

345) Improper error handling

EUVDB-ID: #VU93468

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35947

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error within the ddebug_tokenize() function in lib/dynamic_debug.c. A local user can crash the OS kernel.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

346) Use-after-free

EUVDB-ID: #VU92212

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35950

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

347) Improper resource shutdown or release

EUVDB-ID: #VU93746

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35951

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the panfrost_mmu_map_fault_addr() and sg_free_table() functions in drivers/gpu/drm/panfrost/panfrost_mmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

348) Improper locking

EUVDB-ID: #VU91515

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35952

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ast_dp_set_on_off() function in drivers/gpu/drm/ast/ast_dp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

349) Improper locking

EUVDB-ID: #VU90747

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35953

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ivpu_dev_init() function in drivers/accel/ivpu/ivpu_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

350) NULL pointer dereference

EUVDB-ID: #VU90540

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35954

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sg_remove_sfp_usercontext() function in drivers/scsi/sg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

351) Use-after-free

EUVDB-ID: #VU90145

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35955

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the check_kprobe_address_safe() function in kernel/kprobes.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

352) Information disclosure

EUVDB-ID: #VU91343

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35956

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the btrfs_subvolume_reserve_metadata() function in fs/btrfs/root-tree.c, within the create_subvol() and create_snapshot() functions in fs/btrfs/ioctl.c, within the btrfs_delete_subvolume() and btrfs_end_transaction() functions in fs/btrfs/inode.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

353) Resource management error

EUVDB-ID: #VU93255

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35958

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the ena_unmap_tx_buff() and ena_free_tx_bufs() functions in drivers/net/ethernet/amazon/ena/ena_netdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

354) Improper locking

EUVDB-ID: #VU92018

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35959

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5e_priv_cleanup() function in drivers/net/ethernet/mellanox/mlx5/core/en_main.c, within the mlx5e_selq_init() and mlx5e_selq_cleanup() functions in drivers/net/ethernet/mellanox/mlx5/core/en/selq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

355) Improper Initialization

EUVDB-ID: #VU93351

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35960

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

356) Improper locking

EUVDB-ID: #VU92019

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35961

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5_sf_dev_remove() function in drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c, within the mlx5_init_one_devl_locked(), mlx5_init_one(), mlx5_uninit_one(), mlx5_init_one_light(), mlx5_uninit_one_light(), probe_one() and remove_one() functions in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

357) Input validation error

EUVDB-ID: #VU93795

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35963

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hci_sock_setsockopt_old() and hci_sock_setsockopt() functions in net/bluetooth/hci_sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

358) Input validation error

EUVDB-ID: #VU93796

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35964

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the iso_sock_setsockopt() function in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

359) Input validation error

EUVDB-ID: #VU93797

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35965

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the l2cap_sock_setsockopt_old() and l2cap_sock_setsockopt() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

360) Out-of-bounds read

EUVDB-ID: #VU90306

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35966

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rfcomm_sock_setsockopt_old() and rfcomm_sock_setsockopt() functions in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

361) Out-of-bounds read

EUVDB-ID: #VU90303

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35967

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sco_sock_setsockopt() function in net/bluetooth/sco.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

362) Use-after-free

EUVDB-ID: #VU90143

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35969

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ipv6_get_ifaddr() function in net/ipv6/addrconf.c and within the in6_ifa_hold() function in include/net/addrconf.h. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

363) Improper locking

EUVDB-ID: #VU91444

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35971

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ks8851_rx_pkts() and ks8851_irq() functions in drivers/net/ethernet/micrel/ks8851_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

364) Memory leak

EUVDB-ID: #VU89974

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35972

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the bnxt_rdma_aux_device_init() function in drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

365) Use of uninitialized resource

EUVDB-ID: #VU90872

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35973

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the geneve_xmit_skb() and geneve6_xmit_skb() functions in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

366) Buffer overflow

EUVDB-ID: #VU93149

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35974

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the blk_alloc_queue() function in block/blk-core.c and within the blkcg_css_online() and blkcg_init_disk() functions in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

367) Memory leak

EUVDB-ID: #VU91636

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35975

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the otx2_qos_read_txschq_cfg_tl() function in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

368) NULL pointer dereference

EUVDB-ID: #VU90506

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35977

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the cros_ec_uart_probe() function in drivers/platform/chrome/cros_ec_uart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

369) Memory leak

EUVDB-ID: #VU89973

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35978

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the hci_req_sync_complete() function in net/bluetooth/hci_request.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

370) Infinite loop

EUVDB-ID: #VU91410

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35981

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the virtnet_get_rxfh() and virtnet_probe() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

371) Infinite loop

EUVDB-ID: #VU91411

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35982

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the batadv_tt_local_resize_to_mtu() function in net/batman-adv/translation-table.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

372) NULL pointer dereference

EUVDB-ID: #VU91458

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35984

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the i2c_check_for_quirks() function in drivers/i2c/i2c-core-base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

373) Race condition

EUVDB-ID: #VU93377

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35986

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tusb1210_get_online() and tusb1210_remove_charger_detect() functions in drivers/phy/ti/phy-tusb1210.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

374) Resource management error

EUVDB-ID: #VU93472

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35989

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the perf_event_cpu_offline() function in drivers/dma/idxd/perfmon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

375) Improper locking

EUVDB-ID: #VU91513

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35990

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the xilinx_dpdma_chan_vsync_irq(), xilinx_dpdma_issue_pending() and xilinx_dpdma_chan_err_task() functions in drivers/dma/xilinx/xilinx_dpdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

376) Improper locking

EUVDB-ID: #VU91445

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35991

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the process_evl_entries() function in drivers/dma/idxd/irq.c, within the idxd_init_evl() function in drivers/dma/idxd/init.c, within the idxd_device_evl_setup() and idxd_device_evl_free() functions in drivers/dma/idxd/device.c, within the debugfs_evl_show() function in drivers/dma/idxd/debugfs.c, and within the idxd_cdev_evl_drain_pasid() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

377) Out-of-bounds read

EUVDB-ID: #VU91091

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35992

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the comphy_gbe_phy_init() function in drivers/phy/marvell/phy-mvebu-a3700-comphy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

378) Buffer overflow

EUVDB-ID: #VU92955

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35995

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the show_cppc_data(), acpi_cppc_processor_probe(), cpc_read() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

379) Infinite loop

EUVDB-ID: #VU91412

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35997

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the __i2c_hid_command() and i2c_hid_irq() functions in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

380) Race condition within a thread

EUVDB-ID: #VU91426

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35999

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the cifs_pick_channel() function in fs/smb/client/transport.c. A local user can manipulate data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

381) NULL pointer dereference

EUVDB-ID: #VU93055

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36002

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dpll_device_get_by_id(), dpll_pin_registration_find(), dpll_xa_ref_pin_add(), dpll_xa_ref_pin_del(), dpll_xa_ref_dpll_add(), dpll_xa_ref_dpll_del(), EXPORT_SYMBOL_GPL(), __dpll_pin_register(), dpll_pin_register(), dpll_pin_unregister(), dpll_pin_on_pin_register() and dpll_pin_on_pin_unregister() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

382) Resource management error

EUVDB-ID: #VU93838

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36006

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mlxsw_sp_acl_tcam_vchunk_migrate_one() and mlxsw_sp_acl_tcam_vchunk_migrate_all() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

383) Incorrect calculation

EUVDB-ID: #VU93612

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36007

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the mlxsw_sp_acl_tcam_vregion_rehash_work(), mlxsw_sp_acl_tcam_rehash_ctx_vregion_changed(), mlxsw_sp_acl_tcam_vchunk_migrate_end(), mlxsw_sp_acl_tcam_vchunk_migrate_one(), mlxsw_sp_acl_tcam_vregion_migrate() and mlxsw_sp_acl_tcam_vregion_rehash_start() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

384) Incorrect calculation

EUVDB-ID: #VU93754

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36009

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

385) NULL pointer dereference

EUVDB-ID: #VU92062

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36011

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hci_le_big_sync_established_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

386) Use-after-free

EUVDB-ID: #VU90058

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36012

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the msft_monitor_supported() function in net/bluetooth/msft.h, within the msft_register() function in net/bluetooth/msft.c, within the hci_unregister_dev() and hci_release_dev() functions in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

387) Use-after-free

EUVDB-ID: #VU90057

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36013

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_command_rej(), l2cap_connect() and l2cap_chan_unlock() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

388) NULL pointer dereference

EUVDB-ID: #VU89897

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36014

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the malidp_mw_connector_reset() function in drivers/gpu/drm/arm/malidp_mw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

389) Unchecked Return Value

EUVDB-ID: #VU89896

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36015

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

390) Out-of-bounds write

EUVDB-ID: #VU89898

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36016

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

391) Buffer overflow

EUVDB-ID: #VU93663

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36018

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the op_remap() function in drivers/gpu/drm/nouveau/nouveau_uvmm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

392) Out-of-bounds read

EUVDB-ID: #VU90274

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36019

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the regcache_maple_drop() function in drivers/base/regmap/regcache-maple.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

393) Use of uninitialized resource

EUVDB-ID: #VU91675

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36020

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the i40e_reset_all_vfs() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

394) Improper Initialization

EUVDB-ID: #VU91548

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36021

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the hclge_init_ae_dev() and hclge_comm_cmd_uninit() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

395) Off-by-one

EUVDB-ID: #VU91172

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36025

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the qla_edif_app_getstats() function in drivers/scsi/qla2xxx/qla_edif.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

396) Resource management error

EUVDB-ID: #VU93773

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36026

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the smu_v13_0_4_system_features_control() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_4_ppt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

397) Resource management error

EUVDB-ID: #VU92981

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36029

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the sdhci_msm_runtime_suspend() and sdhci_msm_runtime_resume() functions in drivers/mmc/host/sdhci-msm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

398) Double Free

EUVDB-ID: #VU90886

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36030

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the rvu_npc_freemem() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

399) Input validation error

EUVDB-ID: #VU90849

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36032

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the qca_read_fw_build_info() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

400) Input validation error

EUVDB-ID: #VU90850

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36880

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the qca_send_pre_shutdown_cmd(), qca_tlv_check_data() and qca_download_firmware() functions in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

401) Improper error handling

EUVDB-ID: #VU93649

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36885

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

402) Resource management error

EUVDB-ID: #VU93391

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36890

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within include/linux/slab.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

403) NULL pointer dereference

EUVDB-ID: #VU90379

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36891

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mas_empty_area_rev() function in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

404) NULL pointer dereference

EUVDB-ID: #VU90380

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36893

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the svdm_consume_identity(), tcpm_register_partner_altmodes(), tcpm_init_vconn(), tcpm_typec_connect(), tcpm_typec_disconnect() and tcpm_pwr_opmode_to_rp() functions in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

405) Improper locking

EUVDB-ID: #VU90735

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36894

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

406) Buffer overflow

EUVDB-ID: #VU92004

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36895

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the __uvcg_iter_item_entries() function in drivers/usb/gadget/function/uvc_configfs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

407) NULL pointer dereference

EUVDB-ID: #VU91455

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36896

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

408) NULL pointer dereference

EUVDB-ID: #VU91223

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36897

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the construct_integrated_info() function in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

409) Use of uninitialized resource

EUVDB-ID: #VU92002

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36898

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the edge_detector_update() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

410) Out-of-bounds read

EUVDB-ID: #VU90271

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36906

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ENDPROC() function in arch/arm/kernel/sleep.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

411) Input validation error

EUVDB-ID: #VU93447

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36918

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the test_fail_cases() function in tools/testing/selftests/bpf/prog_tests/bloom_filter_map.c and within the bloom_map_get_next_key() and bloom_map_check_btf() functions in kernel/bpf/bloom_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

412) Out-of-bounds read

EUVDB-ID: #VU90270

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36921

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_mld_rm_sta() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

413) Improper locking

EUVDB-ID: #VU92009

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36922

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the iwl_txq_reclaim() function in drivers/net/wireless/intel/iwlwifi/queue/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

414) Resource management error

EUVDB-ID: #VU92961

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36928

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the qeth_free_cq(), qeth_alloc_qdio_queues(), atomic_set(), qeth_free_qdio_queues() and qeth_qdio_poll() functions in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

415) NULL pointer dereference

EUVDB-ID: #VU90385

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36930

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the __spi_sync() function in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

416) Out-of-bounds read

EUVDB-ID: #VU90267

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36931

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the crw_inject_write() function in drivers/s390/cio/cio_inject.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

417) Improper locking

EUVDB-ID: #VU91441

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36936

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the list_del() function in drivers/firmware/efi/unaccepted_memory.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

418) Double Free

EUVDB-ID: #VU90885

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36940

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

419) NULL pointer dereference

EUVDB-ID: #VU90528

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36941

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

420) Memory leak

EUVDB-ID: #VU89927

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36942

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the qca_download_firmware() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

421) Improper locking

EUVDB-ID: #VU91502

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36944

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

422) Memory leak

EUVDB-ID: #VU91614

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36947

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the remove_device_files() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

423) Improper locking

EUVDB-ID: #VU93436

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36949

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kgd2kfd_suspend() and kgd2kfd_resume() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

424) Improper error handling

EUVDB-ID: #VU92055

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36950

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

425) Input validation error

EUVDB-ID: #VU94122

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36951

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the event_interrupt_wq_v9() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v9.c, the event_interrupt_wq_v11() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v11.c, and the event_interrupt_wq_v10() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v10.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

426) Memory leak

EUVDB-ID: #VU91613

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36955

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the is_link_enabled() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

427) Information disclosure

EUVDB-ID: #VU91321

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36959

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

Public Cloud Module: 15-SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

kernel-source-azure: before 6.4.0-150600.8.5.4

kernel-devel-azure: before 6.4.0-150600.8.5.4

kernel-azure-vdso: before 6.4.0-150600.8.5.4

kernel-azure-vdso-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure: before 6.4.0-150600.8.5.4

kernel-azure-optional-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-devel: before 6.4.0-150600.8.5.4

kernel-azure-debugsource: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure: before 6.4.0-150600.8.5.4

kernel-azure-livepatch-devel: before 6.4.0-150600.8.5.4

cluster-md-kmp-azure: before 6.4.0-150600.8.5.4

gfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-devel-debuginfo: before 6.4.0-150600.8.5.4

kernel-syms-azure: before 6.4.0-150600.8.5.1

cluster-md-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kselftests-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

gfs2-kmp-azure: before 6.4.0-150600.8.5.4

ocfs2-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-optional: before 6.4.0-150600.8.5.4

dlm-kmp-azure: before 6.4.0-150600.8.5.4

dlm-kmp-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-debuginfo: before 6.4.0-150600.8.5.4

kernel-azure-extra: before 6.4.0-150600.8.5.4

reiserfs-kmp-azure: before 6.4.0-150600.8.5.4

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


