SUSE update for the Linux Kernel



Risk: Medium
Patch available: YES
Number of vulnerabilities: 146
CVE-ID:
CVE-2021-46925
CVE-2021-46926
CVE-2021-46927
CVE-2021-46929
CVE-2021-46930
CVE-2021-46931
CVE-2021-46933
CVE-2021-46934
CVE-2021-46936
CVE-2021-47082
CVE-2021-47083
CVE-2021-47087
CVE-2021-47091
CVE-2021-47093
CVE-2021-47094
CVE-2021-47095
CVE-2021-47096
CVE-2021-47097
CVE-2021-47098
CVE-2021-47099
CVE-2021-47100
CVE-2021-47101
CVE-2021-47102
CVE-2021-47104
CVE-2021-47105
CVE-2021-47107
CVE-2021-47108
CVE-2022-4744
CVE-2022-48626
CVE-2022-48627
CVE-2022-48628
CVE-2022-48629
CVE-2022-48630
CVE-2023-0160
CVE-2023-28746
CVE-2023-35827
CVE-2023-52447
CVE-2023-52450
CVE-2023-52453
CVE-2023-52454
CVE-2023-52462
CVE-2023-52463
CVE-2023-52467
CVE-2023-52469
CVE-2023-52470
CVE-2023-52474
CVE-2023-52476
CVE-2023-52477
CVE-2023-52481
CVE-2023-52482
CVE-2023-52484
CVE-2023-52486
CVE-2023-52492
CVE-2023-52493
CVE-2023-52494
CVE-2023-52497
CVE-2023-52500
CVE-2023-52501
CVE-2023-52502
CVE-2023-52504
CVE-2023-52507
CVE-2023-52508
CVE-2023-52509
CVE-2023-52510
CVE-2023-52511
CVE-2023-52513
CVE-2023-52515
CVE-2023-52517
CVE-2023-52518
CVE-2023-52519
CVE-2023-52520
CVE-2023-52523
CVE-2023-52524
CVE-2023-52525
CVE-2023-52528
CVE-2023-52529
CVE-2023-52530
CVE-2023-52531
CVE-2023-52532
CVE-2023-52559
CVE-2023-52563
CVE-2023-52564
CVE-2023-52566
CVE-2023-52567
CVE-2023-52569
CVE-2023-52574
CVE-2023-52576
CVE-2023-52582
CVE-2023-52583
CVE-2023-52587
CVE-2023-52591
CVE-2023-52594
CVE-2023-52595
CVE-2023-52597
CVE-2023-52598
CVE-2023-52599
CVE-2023-52600
CVE-2023-52601
CVE-2023-52602
CVE-2023-52603
CVE-2023-52604
CVE-2023-52606
CVE-2023-52607
CVE-2023-52608
CVE-2023-52612
CVE-2023-52615
CVE-2023-52617
CVE-2023-52619
CVE-2023-52621
CVE-2023-52623
CVE-2023-52628
CVE-2023-52632
CVE-2023-52637
CVE-2023-52639
CVE-2023-6270
CVE-2023-6356
CVE-2023-6535
CVE-2023-6536
CVE-2023-7042
CVE-2023-7192
CVE-2024-0841
CVE-2024-2201
CVE-2024-22099
CVE-2024-23307
CVE-2024-25739
CVE-2024-25742
CVE-2024-26599
CVE-2024-26600
CVE-2024-26602
CVE-2024-26607
CVE-2024-26612
CVE-2024-26614
CVE-2024-26620
CVE-2024-26627
CVE-2024-26629
CVE-2024-26642
CVE-2024-26645
CVE-2024-26646
CVE-2024-26651
CVE-2024-26654
CVE-2024-26659
CVE-2024-26664
CVE-2024-26667
CVE-2024-26670
CVE-2024-26695
CVE-2024-26717
CWE-ID:
CWE-667
CWE-399
CWE-617
CWE-416
CWE-121
CWE-754
CWE-415
CWE-125
CWE-763
CWE-401
CWE-476
CWE-908
CWE-190
CWE-264
CWE-119
CWE-400
CWE-362
CWE-200
CWE-835
CWE-388
CWE-254
CWE-129
CWE-1037
CWE-94
CWE-20
CWE-284
CWE-682
CWE-252
Exploitation vector: Network
Public exploit: N/A
Vulnerable software
SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-livepatch
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150500_13_43-rt
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

Vendor: SUSE

Security Bulletin

This security bulletin contains information about 146 vulnerabilities.

1) Improper locking

EUVDB-ID: #VU92051

Risk: Low

CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46925

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smc_wr_is_tx_pend(), smc_wr_tx_process_cqe(), smc_wr_reg_send() and smc_wr_free_link() functions in net/smc/smc_wr.c, within the smc_ib_modify_qp_rts() function in net/smc/smc_ib.c, within the smc_conn_free(), smcr_link_clear(), smc_conn_kill(), smc_smcd_terminate_all(), smc_smcr_terminate_all(), smcr_link_down() and init_waitqueue_head() functions in net/smc/smc_core.c, within the smc_cdc_tx_handler(), smc_cdc_msg_send(), smcr_cdc_msg_send_validation() and smc_cdc_get_slot_and_msg_send() functions in net/smc/smc_cdc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU89253

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46926

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the sdw_intel_acpi_cb() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Reachable assertion

EUVDB-ID: #VU90917

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46927

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the ne_set_user_memory_region_ioctl() function in drivers/virt/nitro_enclaves/ne_misc_dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU90257

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46929

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sctp_transport_lookup_process() and sctp_transport_get_idx() functions in net/sctp/socket.c, within the sctp_sock_dump() and sctp_sock_filter() functions in net/sctp/sctp_diag.c, within the sctp_endpoint_free() and sctp_endpoint_destroy() functions in net/sctp/endpointola.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU90258

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46930

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mtu3_alloc_request() function in drivers/usb/mtu3/mtu3_gadget.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Stack-based buffer overflow

EUVDB-ID: #VU91303

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46931

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a stack overflow within the mlx5e_tx_reporter_dump_sq() and mlx5e_reporter_tx_timeout() functions in drivers/net/ethernet/mellanox/mlx5/core/en/reporter_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU90259

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46933

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ffs_data_clear() and ffs_data_reset() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper Check for Unusual or Exceptional Conditions

EUVDB-ID: #VU89264

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46934

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a local user to produce warnings from userspace.

The vulnerability exists due to improper error handling within the compat_i2cdev_ioctl() function in drivers/i2c/i2c-dev.c. A local user can pass specially crafted data to the driver and influence its behavior.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU88892

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46936

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the inet_init() function in net/ipv4/af_inet.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Double Free

EUVDB-ID: #VU89391

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47082

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in drivers/net/tun.c. A local user can trigger a double free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU90346

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47083

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mtk_xt_get_gpio_n() function in drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Release of invalid pointer or reference

EUVDB-ID: #VU93003

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47087

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows a local user to modify data on the system.

The vulnerability exists because __free_pages(page, order) is called on an invalid pointer, which would free arbitrary pages. A local user can modify data on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Reachable assertion

EUVDB-ID: #VU90913

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47091

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the ieee80211_start_ap() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory leak

EUVDB-ID: #VU90478

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47093

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the pmc_core_platform_init() function in drivers/platform/x86/intel_pmc_core_pltdrv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU88107

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47094

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in arch/x86/kvm/mmu/tdp_iter.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU90633

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47095

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ssif_probe() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use of uninitialized resource

EUVDB-ID: #VU91681

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47096

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the snd_rawmidi_open() function in sound/core/rawmidi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU90344

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47097

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the elantech_change_report_id() function in drivers/input/mouse/elantech.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Integer overflow

EUVDB-ID: #VU91181

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47098

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer overflow within the lm90_set_temphyst() function in drivers/hwmon/lm90.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU88856

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47099

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a missing security check within the veth_xdp_rcv() function in drivers/net/veth.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU90233

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47100

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cleanup_bmc_device() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use of uninitialized resource

EUVDB-ID: #VU90882

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47101

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the asix_check_host_enable() function in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds read

EUVDB-ID: #VU90345

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47102

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the prestera_netdev_port_event() function in drivers/net/ethernet/marvell/prestera/prestera_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Memory leak

EUVDB-ID: #VU90019

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47104

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the qib_user_sdma_queue_pkts() function in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Memory leak

EUVDB-ID: #VU91655

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47105

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ice_xsk_any_rx_ring_ena() function in drivers/net/ethernet/intel/ice/ice_xsk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Buffer overflow

EUVDB-ID: #VU91316

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47107

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the nfsd_proc_rmdir() and nfsd_init_dirlist_pages() functions in fs/nfsd/nfsproc.c, and within the nfsd3_proc_link() and nfsd3_init_dirlist_pages() functions in fs/nfsd/nfs3proc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) NULL pointer dereference

EUVDB-ID: #VU90632

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47108

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the mtk_hdmi_bridge_mode_valid() function in drivers/gpu/drm/mediatek/mtk_hdmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Double Free

EUVDB-ID: #VU74053

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4744

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free

EUVDB-ID: #VU90261

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48626

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the moxart_remove() function in drivers/mmc/host/moxart-mmc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Resource exhaustion

EUVDB-ID: #VU92194

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48627

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Race condition

EUVDB-ID: #VU93383

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48628

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the __inc_stopping_blocker() function in fs/ceph/super.c, within the ceph_handle_snap() and up_write() functions in fs/ceph/snap.c, within the ceph_handle_quota() function in fs/ceph/quota.c, within the handle_lease(), mutex_unlock() and ceph_mdsc_init() functions in fs/ceph/mds_client.c, and within the ceph_handle_caps() and iput() functions in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Information disclosure

EUVDB-ID: #VU93004

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48629

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Infinite loop

EUVDB-ID: #VU91418

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48630

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an infinite loop within the qcom_rng_read() function in drivers/crypto/qcom-rng.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Improper locking

EUVDB-ID: #VU90810

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0160

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Information disclosure

EUVDB-ID: #VU87457

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28746

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Use-after-free

EUVDB-ID: #VU82758

Risk: Low

CVSSv3.1: 6.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-35827

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local authenticated user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ravb_remove() function in drivers/net/ethernet/renesas/ravb_main.c. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU87740

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52447

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in bpf. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) NULL pointer dereference

EUVDB-ID: #VU90661

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52450

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the discover_upi_topology() function in arch/x86/events/intel/uncore_snbep.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Buffer overflow

EUVDB-ID: #VU93167

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52453

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the hisi_acc_vf_resume_write() and hisi_acc_vf_save_read() functions in drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) NULL pointer dereference

EUVDB-ID: #VU89244

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52454

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_pdu_iovec() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Buffer overflow

EUVDB-ID: #VU89237

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52462

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to crash the kernel.

The vulnerability exists due to a boundary error within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can trigger memory corruption and crash the kernel.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) NULL pointer dereference

EUVDB-ID: #VU90660

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52463

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the efivarfs_get_tree() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) NULL pointer dereference

EUVDB-ID: #VU89236

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52467

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the of_syscon_register() function in drivers/mfd/syscon.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU89235

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52469

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kv_parse_power_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU92074

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52470

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the radeon_crtc_init() function in drivers/gpu/drm/radeon/radeon_display.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Improper locking

EUVDB-ID: #VU92053

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52474

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the build_vnic_ulp_payload() function in drivers/infiniband/hw/hfi1/vnic_sdma.c; the build_verbs_tx_desc() function in drivers/infiniband/hw/hfi1/verbs.c; the user_sdma_send_pkts(), add_system_pages_to_sdma_packet(), hfi1_user_sdma_process_request(), user_sdma_txadd_ahg(), sdma_cache_evict(), user_sdma_txreq_cb(), pq_update(), user_sdma_free_request(), set_comp_state() and sdma_rb_remove() functions in drivers/infiniband/hw/hfi1/user_sdma.c; the sdma_unmap_desc(), ext_coal_sdma_tx_descs() and _pad_sdma_tx_descs() functions in drivers/infiniband/hw/hfi1/sdma.c; the hfi1_mmu_rb_insert(), hfi1_mmu_rb_get_first(), __mmu_rb_search() and hfi1_mmu_rb_evict() functions in drivers/infiniband/hw/hfi1/mmu_rb.c; and the hfi1_ipoib_build_ulp_payload() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

EUVDB-ID: #VU88821

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52476

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use of uninitialized resource

EUVDB-ID: #VU89393

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52477

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of uninitialized BOS descriptors in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Information disclosure

EUVDB-ID: #VU91368

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52481

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the ERRATA_MIDR_REV_RANGE() function in arch/arm64/kernel/cpu_errata.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Stack-based buffer overflow

EUVDB-ID: #VU91302

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52482

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a stack overflow within the VULNBL_AMD() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Resource management error

EUVDB-ID: #VU89252

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52484

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the arm_smmu_free_shared_cd() function in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper locking

EUVDB-ID: #VU90801

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52486

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU90626

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52492

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper locking

EUVDB-ID: #VU91537

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52493

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the parse_xfer_event() function in drivers/bus/mhi/host/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Buffer overflow

EUVDB-ID: #VU91209

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52494

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the mhi_del_ring_element() function in drivers/bus/mhi/host/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Resource exhaustion

EUVDB-ID: #VU93097

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52497

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack and modify data on the system.

The vulnerability exists because the application does not properly control consumption of internal resources. A local user can trigger resource exhaustion, perform a denial of service (DoS) attack and modify data on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Memory leak

EUVDB-ID: #VU91657

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52500

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mpi_set_controller_config_resp() function in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Information disclosure

EUVDB-ID: #VU93098

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52501

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Race condition

EUVDB-ID: #VU88106

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52502

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() functions in net/nfc/llcp_core.c. A local user can exploit the race and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Out-of-bounds read

EUVDB-ID: #VU90347

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52504

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the apply_alternatives() function in arch/x86/kernel/alternative.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

EUVDB-ID: #VU90350

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52507

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nci_activate_target() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU90634

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52508

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nvme_fc_io_getuuid() function in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Use-after-free

EUVDB-ID: #VU89255

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52509

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ravb_close() function in drivers/net/ethernet/renesas/ravb_main.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Use-after-free

EUVDB-ID: #VU90235

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52510

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ca8210_register_ext_clock() and ca8210_unregister_ext_clock() functions in drivers/net/ieee802154/ca8210.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Resource exhaustion

EUVDB-ID: #VU93001

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52511

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) NULL pointer dereference

EUVDB-ID: #VU91242

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52513

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the siw_accept_newconn(), siw_cm_work_handler() and siw_cm_llp_data_ready() functions in drivers/infiniband/sw/siw/siw_cm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Use-after-free

EUVDB-ID: #VU90236

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52515

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the srp_abort() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Race condition

EUVDB-ID: #VU91487

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52517

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the sun6i_spi_max_transfer_size(), sun6i_spi_prepare_dma(), sun6i_spi_transfer_one(), sun6i_spi_handler() and sun6i_spi_probe() functions in drivers/spi/spi-sun6i.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Memory leak

EUVDB-ID: #VU90023

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52518

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the hci_dev_close_sync() function in net/bluetooth/hci_sync.c and within the hci_release_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Out-of-bounds read

EUVDB-ID: #VU90348

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52519

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the enable_gpe() function in drivers/hid/intel-ish-hid/ipc/pci-ish.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU91656

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52520

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the tlmi_release_attr() and tlmi_sysfs_init() functions in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) NULL pointer dereference

EUVDB-ID: #VU90635

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52523

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the BPF_CALL_4() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Improper locking

EUVDB-ID: #VU91319

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52524

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nfc_llcp_register_device() function in net/nfc/llcp_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Out-of-bounds read

EUVDB-ID: #VU90349

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52525

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mwifiex_process_rx_packet() function in drivers/net/wireless/marvell/mwifiex/sta_rx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Use of uninitialized resource

EUVDB-ID: #VU90884

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52528

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the __smsc75xx_read_reg() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Memory leak

EUVDB-ID: #VU89386

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52529

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the sony_probe() function in drivers/hid/hid-sony.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Use-after-free

EUVDB-ID: #VU90237

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52530

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_key_link() function in net/mac80211/key.c and within the ieee80211_add_key() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Buffer overflow

EUVDB-ID: #VU91210

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52531

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Improper error handling

EUVDB-ID: #VU90959

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52532

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mana_poll_tx_cq() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Resource management error

EUVDB-ID: #VU93208

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52559

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the iommu_suspend() and iommu_resume() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Memory leak

EUVDB-ID: #VU90022

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52563

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the meson_encoder_hdmi_hpd_notify() function in drivers/gpu/drm/meson/meson_encoder_hdmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Use-after-free

EUVDB-ID: #VU90240

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52564

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gsm_cleanup_mux() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Use-after-free

EUVDB-ID: #VU90238

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52566

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nilfs_gccache_submit_read_data() function in fs/nilfs2/gcinode.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) NULL pointer dereference

EUVDB-ID: #VU90636

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52567

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the serial8250_handle_irq() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Improper error handling

EUVDB-ID: #VU90958

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52569

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the btrfs_balance_delayed_items() and btrfs_insert_delayed_dir_index() functions in fs/btrfs/delayed-inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) NULL pointer dereference

EUVDB-ID: #VU89390

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52574

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in drivers/net/team/team.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Use-after-free

EUVDB-ID: #VU91065

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52576

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the add_early_ima_buffer() function in arch/x86/kernel/setup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Resource management error

EUVDB-ID: #VU92992

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52582

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the netfs_rreq_unlock_folios() function in fs/netfs/buffered_read.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Improper locking

EUVDB-ID: #VU90802

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52583

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ceph_encode_dentry_release() function in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Improper locking

EUVDB-ID: #VU91541

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52587

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ipoib_mcast_join() function in drivers/infiniband/ulp/ipoib/ipoib_multicast.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Improper locking

EUVDB-ID: #VU91538

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52591

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Out-of-bounds read

EUVDB-ID: #VU90343

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52594

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ath9k_htc_txstatus() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper locking

EUVDB-ID: #VU90803

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52595

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the rt2x00mac_bss_info_changed() function in drivers/net/wireless/ralink/rt2x00/rt2x00mac.c and within the rt2x00lib_disable_radio(), rt2x00lib_start() and rt2x00lib_stop() functions in drivers/net/wireless/ralink/rt2x00/rt2x00dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Security features bypass

EUVDB-ID: #VU92172

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52597

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local privileged user to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources. A local privileged user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Resource management error

EUVDB-ID: #VU93864

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52598

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in arch/s390/kernel/ptrace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Buffer overflow

EUVDB-ID: #VU88105

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52599

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the diNewExt() function in fs/jfs/jfs_imap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Use-after-free

EUVDB-ID: #VU88104

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in fs/jfs/jfs_mount.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Buffer overflow

EUVDB-ID: #VU88103

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52601

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in fs/jfs/jfs_dmap.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Out-of-bounds read

EUVDB-ID: #VU89254

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52602

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the dtSearch() function in fs/jfs/jfs_dtree.c. A local user can trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Improper validation of array index

EUVDB-ID: #VU88885

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52603

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of an array index within the dtSplitRoot() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Out-of-bounds read

EUVDB-ID: #VU90342

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52604

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Buffer overflow

EUVDB-ID: #VU87343

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52606

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the fp/vmx code in powerpc/lib/sstep.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) NULL pointer dereference

EUVDB-ID: #VU90841

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52607

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Resource management error

EUVDB-ID: #VU92973

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52608

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the shmem_poll_done() function in drivers/firmware/arm_scmi/shmem.c and within the rx_callback() function in drivers/firmware/arm_scmi/mailbox.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Buffer overflow

EUVDB-ID: #VU91314

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52612

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scomp_acomp_comp_decomp() function in crypto/scompress.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Improper locking

EUVDB-ID: #VU90798

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52615

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the rng_get_data() and rng_dev_read() functions in drivers/char/hw_random/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Resource management error

EUVDB-ID: #VU93474

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52617

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the stdev_release(), stdev_create(), switchtec_init_pci() and switchtec_pci_remove() functions in drivers/pci/switch/switchtec.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Buffer overflow

EUVDB-ID: #VU93668

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52619

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ramoops_init_przs() function in fs/pstore/ram.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Reachable assertion

EUVDB-ID: #VU90912

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52621

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the rcu_read_lock_held(), BPF_CALL_4() and BPF_CALL_2() functions in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Improper locking

EUVDB-ID: #VU92046

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52623

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the xprt_iter_current_entry() and rpc_xprt_switch_has_addr() functions in net/sunrpc/xprtmultipath.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Stack-based buffer overflow

EUVDB-ID: #VU87901

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52628

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_exthdr_sctp_eval(), nft_exthdr_tcp_eval(), and nft_exthdr_ipv6_eval() functions. A local user can pass specially crafted data to the system, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Improper locking

EUVDB-ID: #VU91534

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52632

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mutex_unlock() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Use-after-free

EUVDB-ID: #VU90218

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52637

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the j1939_sk_match_dst(), j1939_sk_match_filter(), j1939_sk_init() and j1939_sk_setsockopt() functions in net/can/j1939/socket.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Race condition

EUVDB-ID: #VU91483

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52639

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the gmap_shadow() function in arch/s390/mm/gmap.c and within the acquire_gmap_shadow() function in arch/s390/kvm/vsie.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) NULL pointer dereference

EUVDB-ID: #VU85854

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6356

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_iovec() function in the Linux kernel's NVMe driver. A remote attacker can pass specially crafted TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) NULL pointer dereference

EUVDB-ID: #VU85853

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6535

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_execute_request() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) NULL pointer dereference

EUVDB-ID: #VU85852

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6536

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the __nvmet_req_complete() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) NULL pointer dereference

EUVDB-ID: #VU85422

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-7042

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Memory leak

EUVDB-ID: #VU86248

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-7192

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack on the target system.

The vulnerability exists due to a memory leak within the ctnetlink_create_conntrack() function in net/netfilter/nf_conntrack_netlink.c. A local user with CAP_NET_ADMIN privileges can perform a denial of service attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) NULL pointer dereference

EUVDB-ID: #VU89389

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0841

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU88374

Risk: Medium

CVSSv3.1: 7.8 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-2201

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to native branch history injection on x86 systems. A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests, and compromise the affected system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) NULL pointer dereference

EUVDB-ID: #VU87192

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22099

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an integer overflow in the raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Improper check for unusual or exceptional conditions

EUVDB-ID: #VU92399

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-25739

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an improper check for unusual or exceptional conditions within the ubi_read_volume_table() function in drivers/mtd/ubi/vtbl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Code Injection

EUVDB-ID: #VU89087

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-25742

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a malicious hypervisor to escalate privileges on the system.

The vulnerability exists due to improper input validation when handling interrupts. A malicious hypervisor can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Out-of-bounds read

EUVDB-ID: #VU87681

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26599

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the of_pwm_single_xlate() function in drivers/pwm/core.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) NULL pointer dereference

EUVDB-ID: #VU89249

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26600

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in drivers/phy/ti/phy-omap-usb2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Resource exhaustion

EUVDB-ID: #VU87499

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26602

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper resource management in kernel/sched/membarrier.c. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) NULL pointer dereference

EUVDB-ID: #VU90640

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26607

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sii902x_init() and sii902x_probe() functions in drivers/gpu/drm/bridge/sii902x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Resource management error

EUVDB-ID: #VU92991

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26612

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the EXPORT_SYMBOL() function in fs/fscache/cache.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Resource management error

EUVDB-ID: #VU91320

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26614

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Input validation error

EUVDB-ID: #VU94143

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26620

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vfio_ap_mdev_filter_cdoms(), vfio_ap_mdev_filter_matrix(), assign_adapter_store(), assign_domain_store(), vfio_ap_mdev_probe_queue() and vfio_ap_on_cfg_changed() functions in drivers/s390/crypto/vfio_ap_ops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Improper locking

EUVDB-ID: #VU88101

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26627

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking when calling the scsi_host_busy() function. A local user can perform a denial of service attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Improper locking

EUVDB-ID: #VU91536

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26629

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the check_for_locks() and nfsd4_release_lockowner() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Improper access control

EUVDB-ID: #VU88150

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26642

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Incorrect calculation

EUVDB-ID: #VU93762

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26645

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within the __tracing_map_insert() function in kernel/trace/tracing_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Buffer overflow

EUVDB-ID: #VU91204

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26646

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the hfi_parse_features() and intel_hfi_init() functions in drivers/thermal/intel/intel_hfi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Unchecked Return Value

EUVDB-ID: #VU87902

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26651

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a missing check of the return value from the usbnet_get_endpoints() function in drivers/net/usb/sr9800.c. A local user can crash the kernel.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Race condition

EUVDB-ID: #VU88148

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26654

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Buffer overflow

EUVDB-ID: #VU93244

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26659

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the process_isoc_td() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Out-of-bounds read

EUVDB-ID: #VU90335

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26664

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the create_core_data() function in drivers/hwmon/coretemp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Improper locking

EUVDB-ID: #VU93769

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26667

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dpu_encoder_helper_phys_cleanup() function in drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) Resource management error

EUVDB-ID: #VU93299

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26670

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within arch/arm64/kernel/entry.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) NULL pointer dereference

EUVDB-ID: #VU90604

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26695

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/crypto/ccp/sev-dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) NULL pointer dereference

EUVDB-ID: #VU93058

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26717

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the i2c_hid_of_probe() function in drivers/hid/i2c-hid/i2c-hid-of.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource: before 1-150500.11.5.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional: before 5.14.21-150500.13.43.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.43.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-debugsource: before 5.14.21-150500.13.43.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-syms-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.43.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra: before 5.14.21-150500.13.43.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo: before 1-150500.11.5.1

kernel-rt-livepatch: before 5.14.21-150500.13.43.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.43.1

ocfs2-kmp-rt: before 5.14.21-150500.13.43.1

kselftests-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-debuginfo: before 5.14.21-150500.13.43.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.43.1

kernel-livepatch-5_14_21-150500_13_43-rt: before 1-150500.11.5.1

cluster-md-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt_debug-devel: before 5.14.21-150500.13.43.1

gfs2-kmp-rt: before 5.14.21-150500.13.43.1

kernel-rt-vdso: before 5.14.21-150500.13.43.1

kernel-source-rt: before 5.14.21-150500.13.43.1

kernel-devel-rt: before 5.14.21-150500.13.43.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241322-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


