SUSE update for the Linux Kernel
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 146 |
| CVE-ID | CVE-2021-46925 CVE-2021-46926 CVE-2021-46927 CVE-2021-46929 CVE-2021-46930 CVE-2021-46931 CVE-2021-46933 CVE-2021-46934 CVE-2021-46936 CVE-2021-47082 CVE-2021-47083 CVE-2021-47087 CVE-2021-47091 CVE-2021-47093 CVE-2021-47094 CVE-2021-47095 CVE-2021-47096 CVE-2021-47097 CVE-2021-47098 CVE-2021-47099 CVE-2021-47100 CVE-2021-47101 CVE-2021-47102 CVE-2021-47104 CVE-2021-47105 CVE-2021-47107 CVE-2021-47108 CVE-2022-4744 CVE-2022-48626 CVE-2022-48627 CVE-2022-48628 CVE-2022-48629 CVE-2022-48630 CVE-2023-0160 CVE-2023-28746 CVE-2023-35827 CVE-2023-52447 CVE-2023-52450 CVE-2023-52453 CVE-2023-52454 CVE-2023-52462 CVE-2023-52463 CVE-2023-52467 CVE-2023-52469 CVE-2023-52470 CVE-2023-52474 CVE-2023-52476 CVE-2023-52477 CVE-2023-52481 CVE-2023-52482 CVE-2023-52484 CVE-2023-52486 CVE-2023-52492 CVE-2023-52493 CVE-2023-52494 CVE-2023-52497 CVE-2023-52500 CVE-2023-52501 CVE-2023-52502 CVE-2023-52504 CVE-2023-52507 CVE-2023-52508 CVE-2023-52509 CVE-2023-52510 CVE-2023-52511 CVE-2023-52513 CVE-2023-52515 CVE-2023-52517 CVE-2023-52518 CVE-2023-52519 CVE-2023-52520 CVE-2023-52523 CVE-2023-52524 CVE-2023-52525 CVE-2023-52528 CVE-2023-52529 CVE-2023-52530 CVE-2023-52531 CVE-2023-52532 CVE-2023-52559 CVE-2023-52563 CVE-2023-52564 CVE-2023-52566 CVE-2023-52567 CVE-2023-52569 CVE-2023-52574 CVE-2023-52576 CVE-2023-52582 CVE-2023-52583 CVE-2023-52587 CVE-2023-52591 CVE-2023-52594 CVE-2023-52595 CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52600 CVE-2023-52601 CVE-2023-52602 CVE-2023-52603 CVE-2023-52604 CVE-2023-52606 CVE-2023-52607 CVE-2023-52608 CVE-2023-52612 CVE-2023-52615 CVE-2023-52617 CVE-2023-52619 CVE-2023-52621 CVE-2023-52623 CVE-2023-52628 CVE-2023-52632 CVE-2023-52637 CVE-2023-52639 CVE-2023-6270 CVE-2023-6356 CVE-2023-6535 CVE-2023-6536 CVE-2023-7042 CVE-2023-7192 CVE-2024-0841 CVE-2024-2201 CVE-2024-22099 CVE-2024-23307 CVE-2024-25739 CVE-2024-25742 CVE-2024-26599 CVE-2024-26600 CVE-2024-26602 CVE-2024-26607 CVE-2024-26612 CVE-2024-26614 CVE-2024-26620 CVE-2024-26627 CVE-2024-26629 CVE-2024-26642 CVE-2024-26645 CVE-2024-26646 CVE-2024-26651 CVE-2024-26654 CVE-2024-26659 CVE-2024-26664 CVE-2024-26667 CVE-2024-26670 CVE-2024-26695 CVE-2024-26717 |
| CWE-ID | CWE-667 CWE-399 CWE-617 CWE-416 CWE-121 CWE-754 CWE-415 CWE-125 CWE-763 CWE-401 CWE-476 CWE-908 CWE-190 CWE-264 CWE-119 CWE-400 CWE-362 CWE-200 CWE-835 CWE-388 CWE-254 CWE-129 CWE-1037 CWE-94 CWE-20 CWE-284 CWE-682 CWE-252 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_47-rt Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt-livepatch Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 146 vulnerabilities.
1) Improper locking
EUVDB-ID: #VU92051
Risk: Low
CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46925
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_wr_is_tx_pend(), smc_wr_tx_process_cqe(), smc_wr_reg_send() and smc_wr_free_link() functions in net/smc/smc_wr.c, within the smc_ib_modify_qp_rts() function in net/smc/smc_ib.c, within the smc_conn_free(), smcr_link_clear(), smc_conn_kill(), smc_smcd_terminate_all(), smc_smcr_terminate_all(), smcr_link_down() and init_waitqueue_head() functions in net/smc/smc_core.c, within the smc_cdc_tx_handler(), smc_cdc_msg_send(), smcr_cdc_msg_send_validation() and smc_cdc_get_slot_and_msg_send() functions in net/smc/smc_cdc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource management error
EUVDB-ID: #VU89253
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46926
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the sdw_intel_acpi_cb() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Reachable assertion
EUVDB-ID: #VU90917
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46927
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ne_set_user_memory_region_ioctl() function in drivers/virt/nitro_enclaves/ne_misc_dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU90257
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46929
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sctp_transport_lookup_process() and sctp_transport_get_idx() functions in net/sctp/socket.c, within the sctp_sock_dump() and sctp_sock_filter() functions in net/sctp/sctp_diag.c, within the sctp_endpoint_free() and sctp_endpoint_destroy() functions in net/sctp/endpointola.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU90258
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46930
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mtu3_alloc_request() function in drivers/usb/mtu3/mtu3_gadget.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Stack-based buffer overflow
EUVDB-ID: #VU91303
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46931
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the mlx5e_tx_reporter_dump_sq() and mlx5e_reporter_tx_timeout() functions in drivers/net/ethernet/mellanox/mlx5/core/en/reporter_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use-after-free
EUVDB-ID: #VU90259
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46933
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ffs_data_clear() and ffs_data_reset() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Check for Unusual or Exceptional Conditions
EUVDB-ID: #VU89264
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46934
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a local user to produce warnings from the userspace.
The vulnerability exists due to improper error handling within the compat_i2cdev_ioctl() function in drivers/i2c/i2c-dev.c. A local user can pass specially crafted data to the driver and influence its behavior.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Use-after-free
EUVDB-ID: #VU88892
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46936
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the inet_init() function in net/ipv4/af_inet.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Double Free
EUVDB-ID: #VU89391
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47082
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in drivers/net/tun.c. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds read
EUVDB-ID: #VU90346
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47083
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mtk_xt_get_gpio_n() function in drivers/pinctrl/mediatek/pinctrl-mtk-common-v2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Release of invalid pointer or reference
EUVDB-ID: #VU93003
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47087
CWE-ID:
CWE-763 - Release of invalid pointer or reference
Exploit availability: No
DescriptionThe vulnerability allows a local user to modify data on the system.
The vulnerability exists due to performance of perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. A local user can modify data on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Reachable assertion
EUVDB-ID: #VU90913
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47091
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ieee80211_start_ap() function in net/mac80211/cfg.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Memory leak
EUVDB-ID: #VU90478
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47093
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pmc_core_platform_init() function in drivers/platform/x86/intel_pmc_core_pltdrv.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Use-after-free
EUVDB-ID: #VU88107
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47094
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in arch/x86/kvm/mmu/tdp_iter.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) NULL pointer dereference
EUVDB-ID: #VU90633
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47095
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ssif_probe() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Use of uninitialized resource
EUVDB-ID: #VU91681
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47096
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the snd_rawmidi_open() function in sound/core/rawmidi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Out-of-bounds read
EUVDB-ID: #VU90344
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47097
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the elantech_change_report_id() function in drivers/input/mouse/elantech.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Integer overflow
EUVDB-ID: #VU91181
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47098
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the lm90_set_temphyst() function in drivers/hwmon/lm90.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU88856
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47099
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a missing security check within the veth_xdp_rcv() function in drivers/net/veth.c. A local user can gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Use-after-free
EUVDB-ID: #VU90233
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47100
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_bmc_device() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use of uninitialized resource
EUVDB-ID: #VU90882
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47101
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the asix_check_host_enable() function in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Out-of-bounds read
EUVDB-ID: #VU90345
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47102
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the prestera_netdev_port_event() function in drivers/net/ethernet/marvell/prestera/prestera_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Memory leak
EUVDB-ID: #VU90019
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47104
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qib_user_sdma_queue_pkts() function in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Memory leak
EUVDB-ID: #VU91655
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47105
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ice_xsk_any_rx_ring_ena() function in drivers/net/ethernet/intel/ice/ice_xsk.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Buffer overflow
EUVDB-ID: #VU91316
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47107
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfsd_proc_rmdir() and nfsd_init_dirlist_pages() functions in fs/nfsd/nfsproc.c, within the nfsd3_proc_link() and nfsd3_init_dirlist_pages() functions in fs/nfsd/nfs3proc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) NULL pointer dereference
EUVDB-ID: #VU90632
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47108
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_hdmi_bridge_mode_valid() function in drivers/gpu/drm/mediatek/mtk_hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Double Free
EUVDB-ID: #VU74053
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-4744
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Use-after-free
EUVDB-ID: #VU90261
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48626
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the moxart_remove() function in drivers/mmc/host/moxart-mmc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Resource exhaustion
EUVDB-ID: #VU92194
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48627
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Race condition
EUVDB-ID: #VU93383
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48628
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the __inc_stopping_blocker() function in fs/ceph/super.c, within the ceph_handle_snap() and up_write() functions in fs/ceph/snap.c, within the ceph_handle_quota() function in fs/ceph/quota.c, within the handle_lease(), mutex_unlock() and ceph_mdsc_init() functions in fs/ceph/mds_client.c, within the ceph_handle_caps() and iput() functions in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Information disclosure
EUVDB-ID: #VU93004
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48629
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Infinite loop
EUVDB-ID: #VU91418
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48630
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the qcom_rng_read() function in drivers/crypto/qcom-rng.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Improper locking
EUVDB-ID: #VU90810
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0160
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Information disclosure
EUVDB-ID: #VU87457
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28746
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors. A local user can gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Use-after-free
EUVDB-ID: #VU82758
Risk: Low
CVSSv3.1: 6.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-35827
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Use-after-free
EUVDB-ID: #VU87740
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52447
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in
bpf. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) NULL pointer dereference
EUVDB-ID: #VU90661
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52450
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the discover_upi_topology() function in arch/x86/events/intel/uncore_snbep.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Buffer overflow
EUVDB-ID: #VU93167
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52453
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the hisi_acc_vf_resume_write() and hisi_acc_vf_save_read() functions in drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) NULL pointer dereference
EUVDB-ID: #VU89244
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52454
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_pdu_iovec() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Buffer overflow
EUVDB-ID: #VU89237
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52462
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a boundary error within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can trigger memory corruption and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) NULL pointer dereference
EUVDB-ID: #VU90660
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52463
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efivarfs_get_tree() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) NULL pointer dereference
EUVDB-ID: #VU89236
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52467
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the of_syscon_register() function in drivers/mfd/syscon.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Use-after-free
EUVDB-ID: #VU89235
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52469
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kv_parse_power_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) NULL pointer dereference
EUVDB-ID: #VU92074
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52470
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the radeon_crtc_init() function in drivers/gpu/drm/radeon/radeon_display.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Improper locking
EUVDB-ID: #VU92053
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52474
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the build_vnic_ulp_payload() function in drivers/infiniband/hw/hfi1/vnic_sdma.c, within the build_verbs_tx_desc() function in drivers/infiniband/hw/hfi1/verbs.c, within the user_sdma_send_pkts(), add_system_pages_to_sdma_packet(), hfi1_user_sdma_process_request(), user_sdma_txadd_ahg(), sdma_cache_evict(), user_sdma_txreq_cb(), pq_update(), user_sdma_free_request(), set_comp_state() and sdma_rb_remove() functions in drivers/infiniband/hw/hfi1/user_sdma.c, within the sdma_unmap_desc(), ext_coal_sdma_tx_descs() and _pad_sdma_tx_descs() functions in drivers/infiniband/hw/hfi1/sdma.c, within the hfi1_mmu_rb_insert(), hfi1_mmu_rb_get_first(), __mmu_rb_search() and hfi1_mmu_rb_evict() functions in drivers/infiniband/hw/hfi1/mmu_rb.c, within the hfi1_ipoib_build_ulp_payload() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Out-of-bounds read
EUVDB-ID: #VU88821
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52476
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Use of uninitialized resource
EUVDB-ID: #VU89393
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52477
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of uninitialized BOS descriptors in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Information disclosure
EUVDB-ID: #VU91368
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52481
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the ERRATA_MIDR_REV_RANGE() function in arch/arm64/kernel/cpu_errata.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Stack-based buffer overflow
EUVDB-ID: #VU91302
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52482
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the VULNBL_AMD() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Resource management error
EUVDB-ID: #VU89252
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52484
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the arm_smmu_free_shared_cd() function in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Improper locking
EUVDB-ID: #VU90801
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52486
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) NULL pointer dereference
EUVDB-ID: #VU90626
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52492
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Improper locking
EUVDB-ID: #VU91537
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52493
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the parse_xfer_event() function in drivers/bus/mhi/host/main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Buffer overflow
EUVDB-ID: #VU91209
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52494
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the mhi_del_ring_element() function in drivers/bus/mhi/host/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Resource exhaustion
EUVDB-ID: #VU93097
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52497
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack and modify data on the system,.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack and modify data on the system,.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Memory leak
EUVDB-ID: #VU91657
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52500
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mpi_set_controller_config_resp() function in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Information disclosure
EUVDB-ID: #VU93098
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52501
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Race condition
EUVDB-ID: #VU88106
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52502
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() functions in net/nfc/llcp_core.c. A local user can exploit the race and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Out-of-bounds read
EUVDB-ID: #VU90347
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52504
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the apply_alternatives() function in arch/x86/kernel/alternative.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Out-of-bounds read
EUVDB-ID: #VU90350
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52507
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nci_activate_target() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) NULL pointer dereference
EUVDB-ID: #VU90634
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52508
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvme_fc_io_getuuid() function in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Use-after-free
EUVDB-ID: #VU89255
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52509
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user can escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ravb_close() function in drivers/net/ethernet/renesas/ravb_main.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Use-after-free
EUVDB-ID: #VU90235
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52510
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ca8210_register_ext_clock() and ca8210_unregister_ext_clock() functions in drivers/net/ieee802154/ca8210.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Resource exhaustion
EUVDB-ID: #VU93001
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52511
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) NULL pointer dereference
EUVDB-ID: #VU91242
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52513
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the siw_accept_newconn(), siw_cm_work_handler() and siw_cm_llp_data_ready() functions in drivers/infiniband/sw/siw/siw_cm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Use-after-free
EUVDB-ID: #VU90236
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52515
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the srp_abort() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Race condition
EUVDB-ID: #VU91487
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52517
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the sun6i_spi_max_transfer_size(), sun6i_spi_prepare_dma(), sun6i_spi_transfer_one(), sun6i_spi_handler() and sun6i_spi_probe() functions in drivers/spi/spi-sun6i.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Memory leak
EUVDB-ID: #VU90023
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52518
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hci_dev_close_sync() function in net/bluetooth/hci_sync.c, within the hci_release_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Out-of-bounds read
EUVDB-ID: #VU90348
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52519
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the enable_gpe() function in drivers/hid/intel-ish-hid/ipc/pci-ish.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Memory leak
EUVDB-ID: #VU91656
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52520
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tlmi_release_attr() and tlmi_sysfs_init() functions in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) NULL pointer dereference
EUVDB-ID: #VU90635
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52523
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the BPF_CALL_4() function in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Improper locking
EUVDB-ID: #VU91319
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52524
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfc_llcp_register_device() function in net/nfc/llcp_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Out-of-bounds read
EUVDB-ID: #VU90349
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52525
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mwifiex_process_rx_packet() function in drivers/net/wireless/marvell/mwifiex/sta_rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) Use of uninitialized resource
EUVDB-ID: #VU90884
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52528
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __smsc75xx_read_reg() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Memory leak
EUVDB-ID: #VU89386
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52529
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sony_probe() function in drivers/hid/hid-sony.c. A local user can perform a denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) Use-after-free
EUVDB-ID: #VU90237
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52530
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_key_link() function in net/mac80211/key.c, within the ieee80211_add_key() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) Buffer overflow
EUVDB-ID: #VU91210
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52531
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the drivers/net/wireless/intel/iwlwifi/mvm/fw.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Improper error handling
EUVDB-ID: #VU90959
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52532
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mana_poll_tx_cq() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Resource management error
EUVDB-ID: #VU93208
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52559
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iommu_suspend() and iommu_resume() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Memory leak
EUVDB-ID: #VU90022
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52563
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the meson_encoder_hdmi_hpd_notify() function in drivers/gpu/drm/meson/meson_encoder_hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) Use-after-free
EUVDB-ID: #VU90240
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52564
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gsm_cleanup_mux() function in drivers/tty/n_gsm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Use-after-free
EUVDB-ID: #VU90238
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52566
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_gccache_submit_read_data() function in fs/nilfs2/gcinode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) NULL pointer dereference
EUVDB-ID: #VU90636
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52567
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the serial8250_handle_irq() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Improper error handling
EUVDB-ID: #VU90958
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52569
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the btrfs_balance_delayed_items() and btrfs_insert_delayed_dir_index() functions in fs/btrfs/delayed-inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) NULL pointer dereference
EUVDB-ID: #VU89390
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52574
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/net/team/team.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Use-after-free
EUVDB-ID: #VU91065
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52576
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the add_early_ima_buffer() function in arch/x86/kernel/setup.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Resource management error
EUVDB-ID: #VU92992
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52582
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the netfs_rreq_unlock_folios() function in fs/netfs/buffered_read.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Improper locking
EUVDB-ID: #VU90802
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52583
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ceph_encode_dentry_release() function in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) Improper locking
EUVDB-ID: #VU91541
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52587
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipoib_mcast_join() function in drivers/infiniband/ulp/ipoib/ipoib_multicast.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Improper locking
EUVDB-ID: #VU91538
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52591
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Out-of-bounds read
EUVDB-ID: #VU90343
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52594
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ath9k_htc_txstatus() function in drivers/net/wireless/ath/ath9k/htc_drv_txrx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) Improper locking
EUVDB-ID: #VU90803
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52595
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rt2x00mac_bss_info_changed() function in drivers/net/wireless/ralink/rt2x00/rt2x00mac.c, within the rt2x00lib_disable_radio(), rt2x00lib_start() and rt2x00lib_stop() functions in drivers/net/wireless/ralink/rt2x00/rt2x00dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) Security features bypass
EUVDB-ID: #VU92172
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52597
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A local privileged can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) Resource management error
EUVDB-ID: #VU93864
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52598
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in arch/s390/kernel/ptrace.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Buffer overflow
EUVDB-ID: #VU88105
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52599
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the diNewExt() function in fs/jfs/jfs_imap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Use-after-free
EUVDB-ID: #VU88104
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52600
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in fs/jfs/jfs_mount.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) Buffer overflow
EUVDB-ID: #VU88103
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52601
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in fs/jfs/jfs_dmap.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Out-of-bounds read
EUVDB-ID: #VU89254
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52602
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the dtSearch() function in fs/jfs/jfs_dtree.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
100) Improper validation of array index
EUVDB-ID: #VU88885
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52603
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of array index within the dtSplitRoot() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
101) Out-of-bounds read
EUVDB-ID: #VU90342
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52604
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
102) Buffer overflow
EUVDB-ID: #VU87343
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52606
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the fp/vmx code in powerpc/lib/sstep.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
103) NULL pointer dereference
EUVDB-ID: #VU90841
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52607
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
104) Resource management error
EUVDB-ID: #VU92973
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52608
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the shmem_poll_done() function in drivers/firmware/arm_scmi/shmem.c, within the rx_callback() function in drivers/firmware/arm_scmi/mailbox.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
105) Buffer overflow
EUVDB-ID: #VU91314
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52612
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the scomp_acomp_comp_decomp() function in crypto/scompress.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
106) Improper locking
EUVDB-ID: #VU90798
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52615
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rng_get_data() and rng_dev_read() functions in drivers/char/hw_random/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
107) Resource management error
EUVDB-ID: #VU93474
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52617
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the stdev_release(), stdev_create(), switchtec_init_pci() and switchtec_pci_remove() functions in drivers/pci/switch/switchtec.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
108) Buffer overflow
EUVDB-ID: #VU93668
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52619
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ramoops_init_przs() function in fs/pstore/ram.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
109) Reachable assertion
EUVDB-ID: #VU90912
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52621
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the rcu_read_lock_held(), BPF_CALL_4() and BPF_CALL_2() functions in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
110) Improper locking
EUVDB-ID: #VU92046
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52623
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xprt_iter_current_entry() and rpc_xprt_switch_has_addr() functions in net/sunrpc/xprtmultipath.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
111) Stack-based buffer overflow
EUVDB-ID: #VU87901
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52628
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the nft_exthdr_sctp_eval(), nft_exthdr_tcp_eval(), and nft_exthdr_ipv6_eval() functions. A local user can pass specially crafted data to the system, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
112) Improper locking
EUVDB-ID: #VU91534
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52632
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mutex_unlock() function in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
113) Use-after-free
EUVDB-ID: #VU90218
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52637
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the j1939_sk_match_dst(), j1939_sk_match_filter(), j1939_sk_init() and j1939_sk_setsockopt() functions in net/can/j1939/socket.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
114) Race condition
EUVDB-ID: #VU91483
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52639
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the gmap_shadow() function in arch/s390/mm/gmap.c, within the acquire_gmap_shadow() function in arch/s390/kvm/vsie.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
115) Use-after-free
EUVDB-ID: #VU91599
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6270
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
116) NULL pointer dereference
EUVDB-ID: #VU85854
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6356
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_iovec() function in the Linux kernel's NVMe driver. A remote attacker can pass specially crafted TCP packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
117) NULL pointer dereference
EUVDB-ID: #VU85853
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6535
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_execute_request() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
118) NULL pointer dereference
EUVDB-ID: #VU85852
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6536
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the __nvmet_req_complete() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
119) NULL pointer dereference
EUVDB-ID: #VU85422
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-7042
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
120) Memory leak
EUVDB-ID: #VU86248
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-7192
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak within the ctnetlink_create_conntrack() function in net/netfilter/nf_conntrack_netlink.c. A local user with CAP_NET_ADMIN privileges can perform denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
121) NULL pointer dereference
EUVDB-ID: #VU89389
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-0841
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
122) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU88374
Risk: Medium
CVSSv3.1: 7.8 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-2201
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to native branch history injection on x86 systems. A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests and compromise the affected system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
123) NULL pointer dereference
EUVDB-ID: #VU87192
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22099
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
124) Integer overflow
EUVDB-ID: #VU88102
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23307
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
125) Improper check for unusual or exceptional conditions
EUVDB-ID: #VU92399
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25739
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions error within the ubi_read_volume_table() function in drivers/mtd/ubi/vtbl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
126) Code Injection
EUVDB-ID: #VU89087
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25742
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
Description
The vulnerability allows a malicious hypervisor to escalate privileges on the system.
The vulnerability exists due to improper input validation when handling interrupts. A malicious hypervisor can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
127) Out-of-bounds read
EUVDB-ID: #VU87681
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26599
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the of_pwm_single_xlate() function in drivers/pwm/core.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
128) NULL pointer dereference
EUVDB-ID: #VU89249
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26600
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/phy/ti/phy-omap-usb2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
129) Resource exhaustion
EUVDB-ID: #VU87499
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26602
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource management in kernel/sched/membarrier.c. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
130) NULL pointer dereference
EUVDB-ID: #VU90640
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26607
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sii902x_init() and sii902x_probe() functions in drivers/gpu/drm/bridge/sii902x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
131) Resource management error
EUVDB-ID: #VU92991
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26612
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EXPORT_SYMBOL() function in fs/fscache/cache.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
132) Resource management error
EUVDB-ID: #VU91320
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26614
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
133) Input validation error
EUVDB-ID: #VU94143
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26620
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vfio_ap_mdev_filter_cdoms(), vfio_ap_mdev_filter_matrix(), assign_adapter_store(), assign_domain_store(), vfio_ap_mdev_probe_queue() and vfio_ap_on_cfg_changed() functions in drivers/s390/crypto/vfio_ap_ops.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
134) Improper locking
EUVDB-ID: #VU88101
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26627
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack (DoS).
The vulnerability exists due to improper locking when calling the scsi_host_busy() function. A local user can perform a denial of service attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
135) Improper locking
EUVDB-ID: #VU91536
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26629
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the check_for_locks() and nfsd4_release_lockowner() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
136) Improper access control
EUVDB-ID: #VU88150
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26642
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
137) Incorrect calculation
EUVDB-ID: #VU93762
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26645
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __tracing_map_insert() function in kernel/trace/tracing_map.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
138) Buffer overflow
EUVDB-ID: #VU91204
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26646
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hfi_parse_features() and intel_hfi_init() functions in drivers/thermal/intel/intel_hfi.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
139) Unchecked Return Value
EUVDB-ID: #VU87902
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26651
CWE-ID:
CWE-252 - Unchecked Return Value
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a missing check of the return value from the usbnet_get_endpoints() function in drivers/net/usb/sr9800.c. A local user can crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
140) Race condition
EUVDB-ID: #VU88148
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26654
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
141) Buffer overflow
EUVDB-ID: #VU93244
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26659
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the process_isoc_td() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
142) Out-of-bounds read
EUVDB-ID: #VU90335
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26664
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the create_core_data() function in drivers/hwmon/coretemp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
143) Improper locking
EUVDB-ID: #VU93769
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26667
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dpu_encoder_helper_phys_cleanup() function in drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
144) Resource management error
EUVDB-ID: #VU93299
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26670
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arch/arm64/kernel/entry.S. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
145) NULL pointer dereference
EUVDB-ID: #VU90604
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26695
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/crypto/ccp/sev-dev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
146) NULL pointer dereference
EUVDB-ID: #VU93058
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26717
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i2c_hid_of_probe() function in drivers/hid/i2c-hid/i2c-hid-of.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt_debug: before 5.14.21-150500.13.47.1
kernel-rt: before 5.14.21-150500.13.47.1
kernel-rt-extra: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.47.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso: before 5.14.21-150500.13.47.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.47.1
kernel-syms-rt: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt: before 1-150500.11.3.1
reiserfs-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.47.1
gfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.47.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
ocfs2-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel: before 5.14.21-150500.13.47.1
dlm-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-optional: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.47.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.47.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.47.1
kernel-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource: before 1-150500.11.3.1
kernel-rt_debug-devel: before 5.14.21-150500.13.47.1
kernel-rt-livepatch: before 5.14.21-150500.13.47.1
cluster-md-kmp-rt: before 5.14.21-150500.13.47.1
kernel-rt-debugsource: before 5.14.21-150500.13.47.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.47.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.47.1
kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo: before 1-150500.11.3.1
kernel-devel-rt: before 5.14.21-150500.13.47.1
kernel-source-rt: before 5.14.21-150500.13.47.1
External linkshttp://www.suse.com/support/update/announcement/2024/suse-su-20241466-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
