SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 156
CVE-ID CVE-2020-36780
CVE-2020-36781
CVE-2020-36782
CVE-2020-36783
CVE-2021-23134
CVE-2021-29155
CVE-2021-46908
CVE-2021-46909
CVE-2021-46911
CVE-2021-46914
CVE-2021-46917
CVE-2021-46918
CVE-2021-46919
CVE-2021-46920
CVE-2021-46921
CVE-2021-46922
CVE-2021-46930
CVE-2021-46931
CVE-2021-46933
CVE-2021-46938
CVE-2021-46939
CVE-2021-46943
CVE-2021-46944
CVE-2021-46950
CVE-2021-46951
CVE-2021-46956
CVE-2021-46958
CVE-2021-46959
CVE-2021-46960
CVE-2021-46961
CVE-2021-46962
CVE-2021-46963
CVE-2021-46971
CVE-2021-46976
CVE-2021-46980
CVE-2021-46981
CVE-2021-46983
CVE-2021-46984
CVE-2021-46988
CVE-2021-46990
CVE-2021-46991
CVE-2021-46992
CVE-2021-46998
CVE-2021-47000
CVE-2021-47001
CVE-2021-47003
CVE-2021-47006
CVE-2021-47009
CVE-2021-47013
CVE-2021-47014
CVE-2021-47015
CVE-2021-47017
CVE-2021-47020
CVE-2021-47026
CVE-2021-47034
CVE-2021-47035
CVE-2021-47038
CVE-2021-47044
CVE-2021-47045
CVE-2021-47046
CVE-2021-47049
CVE-2021-47051
CVE-2021-47055
CVE-2021-47056
CVE-2021-47058
CVE-2021-47061
CVE-2021-47063
CVE-2021-47065
CVE-2021-47068
CVE-2021-47069
CVE-2021-47070
CVE-2021-47071
CVE-2021-47073
CVE-2021-47077
CVE-2021-47082
CVE-2021-47087
CVE-2021-47095
CVE-2021-47097
CVE-2021-47100
CVE-2021-47101
CVE-2021-47109
CVE-2021-47110
CVE-2021-47112
CVE-2021-47114
CVE-2021-47117
CVE-2021-47118
CVE-2021-47119
CVE-2021-47120
CVE-2021-47130
CVE-2021-47136
CVE-2021-47137
CVE-2021-47138
CVE-2021-47139
CVE-2021-47141
CVE-2021-47142
CVE-2021-47144
CVE-2021-47150
CVE-2021-47153
CVE-2021-47160
CVE-2021-47161
CVE-2021-47164
CVE-2021-47165
CVE-2021-47166
CVE-2021-47167
CVE-2021-47168
CVE-2021-47169
CVE-2021-47170
CVE-2021-47171
CVE-2021-47172
CVE-2021-47173
CVE-2021-47174
CVE-2021-47175
CVE-2021-47176
CVE-2021-47177
CVE-2021-47179
CVE-2021-47180
CVE-2021-47181
CVE-2021-47183
CVE-2021-47185
CVE-2021-47189
CVE-2022-0487
CVE-2022-4744
CVE-2022-48626
CVE-2023-0160
CVE-2023-1192
CVE-2023-28746
CVE-2023-35827
CVE-2023-52454
CVE-2023-52469
CVE-2023-52470
CVE-2023-52474
CVE-2023-52476
CVE-2023-52477
CVE-2023-52492
CVE-2023-52500
CVE-2023-52508
CVE-2023-52509
CVE-2023-52572
CVE-2023-52583
CVE-2023-52590
CVE-2023-52591
CVE-2023-52607
CVE-2023-52628
CVE-2023-6270
CVE-2023-6356
CVE-2023-6531
CVE-2023-6535
CVE-2023-6536
CVE-2023-7042
CVE-2023-7192
CVE-2024-22099
CVE-2024-26600
CVE-2024-26614
CVE-2024-26642
CVE-2024-26704
CVE-2024-26733
CWE-ID CWE-401
CWE-200
CWE-416
CWE-125
CWE-269
CWE-754
CWE-667
CWE-399
CWE-119
CWE-20
CWE-121
CWE-415
CWE-388
CWE-191
CWE-362
CWE-476
CWE-617
CWE-193
CWE-908
CWE-400
CWE-763
CWE-665
CWE-284
Exploitation vector Network
Public exploit Public exploit code for vulnerability #6 is available.
Public exploit code for vulnerability #121 is available.
Vulnerable software
 SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-zte
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-al
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-livepatch-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-optional-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt
Operating systems & Components / Operating system package or component

dlm-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-optional
Operating systems & Components / Operating system package or component

dlm-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_158-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_43-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_158-default
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

kernel-64kb
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 156 vulnerabilities.

1) Memory leak

EUVDB-ID: #VU89266

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36780

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due reference leak when pm_runtime_get_sync fails within the sprd_i2c_master_xfer() and sprd_i2c_remove() function in drivers/i2c/busses/i2c-sprd.c. A local user can perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU91369

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36781

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the i2c_imx_xfer() and i2c_imx_remove() functions in drivers/i2c/busses/i2c-imx.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU91404

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36782

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the lpi2c_imx_master_enable() function in drivers/i2c/busses/i2c-imx-lpi2c.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU91405

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36783

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the img_i2c_xfer() and img_i2c_init() functions in drivers/i2c/busses/i2c-img-scb.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU63657

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-23134

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in nfc sockets in the Linux Kernel. A local user with the CAP_NET_RAW capability can trigger use-after-free and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU67490

Risk: Low

CVSSv4.0: 5.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2021-29155

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: Yes

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism. A local, special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

7) Improper privilege management

EUVDB-ID: #VU93739

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46908

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly imposed permissions within the adjust_ptr_min_max_vals() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper check for unusual or exceptional conditions

EUVDB-ID: #VU92396

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46909

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper check for unusual or exceptional conditions error within the personal_server_map_irq() function in arch/arm/mach-footbridge/personal-pci.c, within the netwinder_map_irq() function in arch/arm/mach-footbridge/netwinder-pci.c, within the ebsa285_map_irq() function in arch/arm/mach-footbridge/ebsa285-pci.c, within the cats_no_swizzle() function in arch/arm/mach-footbridge/cats-pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Improper locking

EUVDB-ID: #VU92052

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46911

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the chcr_ktls_xmit() function in drivers/net/ethernet/chelsio/inline_crypto/ch_ktls/chcr_ktls.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Resource management error

EUVDB-ID: #VU93593

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46914

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ixgbe_resume() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory leak

EUVDB-ID: #VU91663

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46917

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to memory leak within the disable_wq() function in drivers/dma/idxd/sysfs.c, within the idxd_wq_drain(), idxd_wq_unmap_portal(), idxd_wq_disable_cleanup() and idxd_wq_config_write() functions in drivers/dma/idxd/device.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper privilege management

EUVDB-ID: #VU93740

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46918

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly imposed permissions within the idxd_setup_interrupts() and idxd_shutdown() functions in drivers/dma/idxd/init.c, within the idxd_device_drain_pasid() function in drivers/dma/idxd/device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper privilege management

EUVDB-ID: #VU93741

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46919

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly imposed permissions within the wq_size_store() function in drivers/dma/idxd/sysfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

EUVDB-ID: #VU93627

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46920

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to memory corruption within the process_misc_interrupts() function in drivers/dma/idxd/irq.c. A local user can manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper locking

EUVDB-ID: #VU88214

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46921

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper locking within the queued_write_lock_slowpath() function in kernel/locking/qrwlock.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Input validation error

EUVDB-ID: #VU93696

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46922

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tpm2_seal_trusted() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU90258

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46930

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mtu3_alloc_request() function in drivers/usb/mtu3/mtu3_gadget.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Stack-based buffer overflow

EUVDB-ID: #VU91303

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46931

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack overflow within the mlx5e_tx_reporter_dump_sq() and mlx5e_reporter_tx_timeout() functions in drivers/net/ethernet/mellanox/mlx5/core/en/reporter_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90259

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46933

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ffs_data_clear() and ffs_data_reset() functions in drivers/usb/gadget/function/f_fs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Double free

EUVDB-ID: #VU90901

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46938

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a double free error within the blk_mq_free_tag_set() and dm_mq_cleanup_mapped_device() functions in drivers/md/dm-rq.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Improper locking

EUVDB-ID: #VU90807

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46939

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the trace_clock_global() function in kernel/trace/trace_clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Improper error handling

EUVDB-ID: #VU90962

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46943

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper error handling within the imgu_fmt() function in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Memory leak

EUVDB-ID: #VU90042

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46944

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the imgu_fmt() function in drivers/staging/media/ipu3/ipu3-v4l2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Resource management error

EUVDB-ID: #VU93648

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46950

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper management of internal resources within the raid1_end_write_request() function in drivers/md/raid1.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Integer underflow

EUVDB-ID: #VU91194

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46951

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to integer underflow within the tpm_read_log_efi() function in drivers/char/tpm/eventlog/efi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Memory leak

EUVDB-ID: #VU90043

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46956

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the virtio_fs_probe() function in fs/fuse/virtio_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU90256

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46958

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cleanup_transaction() function in fs/btrfs/transaction.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free

EUVDB-ID: #VU90246

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46959

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the devm_spi_alloc_master(), devm_spi_register_master() and spi_unregister_master() functions in drivers/spi/spi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Resource management error

EUVDB-ID: #VU93847

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46960

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the smb2_get_enc_key() function in fs/cifs/smb2ops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Improper error handling

EUVDB-ID: #VU92949

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46961

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the gic_handle_irq() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper error handling

EUVDB-ID: #VU90963

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46962

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the uniphier_sd_remove() function in drivers/mmc/host/uniphier-sd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Race condition

EUVDB-ID: #VU93384

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46963

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the qla2xxx_mqueuecommand() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Improper locking

EUVDB-ID: #VU92050

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46971

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the SYSCALL_DEFINE5() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Resource management error

EUVDB-ID: #VU93301

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46976

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the auto_active() function in drivers/gpu/drm/i915/i915_active.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds read

EUVDB-ID: #VU90356

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46980

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ucsi_unregister_altmodes(), ucsi_get_pdos() and ucsi_pwr_opmode_change() functions in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) NULL pointer dereference

EUVDB-ID: #VU90641

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46981

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nbd_disconnect_and_put() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) NULL pointer dereference

EUVDB-ID: #VU90643

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46983

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nvmet_rdma_send_done() and nvmet_rdma_write_data_done() functions in drivers/nvme/target/rdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Out-of-bounds read

EUVDB-ID: #VU90355

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46984

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dd_request_merge() function in block/mq-deadline.c, within the kyber_limit_depth() function in block/kyber-iosched.c, within the __blk_mq_sched_bio_merge() function in block/blk-mq-sched.c, within the bfq_remove_request() function in block/bfq-iosched.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Reachable assertion

EUVDB-ID: #VU90916

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46988

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the shmem_mfill_atomic_pte() function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Input validation error

EUVDB-ID: #VU88890

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46990

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in arch/powerpc/lib/feature-fixups.c. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU90251

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46991

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the i40e_client_subtask() function in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Out-of-bounds read

EUVDB-ID: #VU90354

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46992

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nft_rhash_destroy() function in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Use-after-free

EUVDB-ID: #VU91070

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46998

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the enic_queue_wq_skb_encap(), enic_queue_wq_skb() and enic_hard_start_xmit() functions in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Information disclosure

EUVDB-ID: #VU91406

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47000

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the __fh_to_dentry() function in fs/ceph/export.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Input validation error

EUVDB-ID: #VU94145

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47001

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the rpcrdma_xprt_connect() and rpcrdma_post_sends() functions in net/sunrpc/xprtrdma/verbs.c, within the rpcrdma_reply_handler() function in net/sunrpc/xprtrdma/rpc_rdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) NULL pointer dereference

EUVDB-ID: #VU90645

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47003

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the idxd_cmd_exec() function in drivers/dma/idxd/device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Buffer overflow

EUVDB-ID: #VU93626

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47006

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the breakpoint_handler() function in arch/arm/kernel/hw_breakpoint.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Memory leak

EUVDB-ID: #VU90034

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47009

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tpm_seal() function in security/keys/trusted-keys/trusted_tpm1.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Use-after-free

EUVDB-ID: #VU91068

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47013

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the emac_mac_tx_buf_send() function in drivers/net/ethernet/qualcomm/emac/emac-mac.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Resource management error

EUVDB-ID: #VU93211

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47014

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the tcf_ct_handle_fragments(), tcf_ct_act() and skb_push_rcsum() functions in net/sched/act_ct.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Improper error handling

EUVDB-ID: #VU92947

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47015

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bnxt_rx_pkt() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Use-after-free

EUVDB-ID: #VU91067

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47017

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath10k_htc_send_bundle() function in drivers/net/wireless/ath/ath10k/htc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Memory leak

EUVDB-ID: #VU90029

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47020

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sdw_stream_add_slave() function in drivers/soundwire/stream.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Use-after-free

EUVDB-ID: #VU90254

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47026

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rtrs_clt_remove_path_from_sysfs() function in drivers/infiniband/ulp/rtrs/rtrs-clt.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Resource management error

EUVDB-ID: #VU93209

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47034

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the early_map_kernel_page() and __map_kernel_page() functions in arch/powerpc/mm/pgtable-radix.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Improper privilege management

EUVDB-ID: #VU93738

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47035

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the __domain_mapping() function in drivers/iommu/intel/iommu.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper locking

EUVDB-ID: #VU90806

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47038

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hci_conn_get_phy() function in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Out-of-bounds read

EUVDB-ID: #VU90353

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47044

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the detach_tasks() function in kernel/sched/fair.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) NULL pointer dereference

EUVDB-ID: #VU90648

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47045

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lpfc_issue_els_plogi() function in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Off-by-one

EUVDB-ID: #VU91176

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47046

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Improper error handling

EUVDB-ID: #VU90960

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47049

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the __vmbus_open() function in drivers/hv/channel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Information disclosure

EUVDB-ID: #VU91407

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47051

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the lpspi_prepare_xfer_hardware() function in drivers/spi/spi-fsl-lpspi.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Improper locking

EUVDB-ID: #VU91543

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47055

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mtdchar_ioctl() function in drivers/mtd/mtdchar.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Use of uninitialized resource

EUVDB-ID: #VU93084

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47056

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the adf_probe() function in drivers/crypto/qat/qat_dh895xccvf/adf_drv.c, within the adf_probe() function in drivers/crypto/qat/qat_c62xvf/adf_drv.c, within the adf_probe() function in drivers/crypto/qat/qat_c3xxxvf/adf_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Memory leak

EUVDB-ID: #VU90031

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47058

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the regmap_debugfs_exit() function in drivers/base/regmap/regmap-debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Use-after-free

EUVDB-ID: #VU90244

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47061

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kvm_io_bus_unregister_dev() function in virt/kvm/kvm_main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Use-after-free

EUVDB-ID: #VU90243

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47063

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the panel_bridge_attach() function in drivers/gpu/drm/bridge/panel.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Out-of-bounds read

EUVDB-ID: #VU90352

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47065

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rtw_phy_load_tables(), rtw_get_channel_group() and rtw_get_tx_power_params() functions in drivers/net/wireless/realtek/rtw88/phy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Use-after-free

EUVDB-ID: #VU90245

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47068

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the llcp_sock_bind() and llcp_sock_connect() functions in net/nfc/llcp_sock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Resource exhaustion

EUVDB-ID: #VU92484

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47069

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error within the IPC implementation in Linux kernel. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU90028

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47070

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hv_uio_probe() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Memory leak

EUVDB-ID: #VU90025

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47071

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hv_uio_probe() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Input validation error

EUVDB-ID: #VU93694

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47073

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the init_dell_smbios_wmi() function in drivers/platform/x86/dell-smbios-wmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) NULL pointer dereference

EUVDB-ID: #VU90638

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47077

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qedf_update_link_speed() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Double Free

EUVDB-ID: #VU89391

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47082

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in drivers/net/tun.c. A local user can trigger a double free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Release of invalid pointer or reference

EUVDB-ID: #VU93003

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47087

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows a local user to modify data on the system.

The vulnerability exists due to performance of perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. A local user can modify data on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) NULL pointer dereference

EUVDB-ID: #VU90633

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47095

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ssif_probe() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Out-of-bounds read

EUVDB-ID: #VU90344

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47097

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the elantech_change_report_id() function in drivers/input/mouse/elantech.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Use-after-free

EUVDB-ID: #VU90233

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47100

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cleanup_bmc_device() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Use of uninitialized resource

EUVDB-ID: #VU90882

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47101

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the asix_check_host_enable() function in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Resource management error

EUVDB-ID: #VU93625

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-47109

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the system when handling NUD_NOARP entries for IPv6. A remote attacker can fill up the neighbour table with enough entries that it will overflow for valid connections after that.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Buffer overflow

EUVDB-ID: #VU91208

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47110

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the kvm_crash_shutdown() and kvmclock_init() functions in arch/x86/kernel/kvmclock.c, within the kvm_guest_cpu_offline() function in arch/x86/kernel/kvm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Buffer overflow

EUVDB-ID: #VU89259

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47112

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Teardown PV features implementation in arch/x86/kernel/kvm.c. A local user can trigger memory corruption and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Buffer overflow

EUVDB-ID: #VU89257

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47114

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in fs/ocfs2/file.c. A local user can trigger memory corruption and crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Buffer overflow

EUVDB-ID: #VU93162

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47117

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ext4_split_extent_at() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Use-after-free

EUVDB-ID: #VU90225

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47118

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kernel_init_freeable() function in init/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Memory leak

EUVDB-ID: #VU90018

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47119

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ext4_fill_super() and kfree() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Input validation error

EUVDB-ID: #VU90860

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47120

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the magicmouse_probe() function in drivers/hid/hid-magicmouse.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Race condition

EUVDB-ID: #VU93382

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47130

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the nvmet_data_transfer_len(), nvmet_req_find_p2p_dev() and nvmet_req_free_sgls() functions in drivers/nvme/target/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Use of uninitialized resource

EUVDB-ID: #VU91680

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47136

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the tcf_classify_ingress() function in net/sched/cls_api.c, within the mlx5e_tc_update_skb() function in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c, within the mlx5e_rep_tc_update_skb() function in drivers/net/ethernet/mellanox/mlx5/core/en/rep/tc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Buffer overflow

EUVDB-ID: #VU91206

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47137

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the xrx200_close(), xrx200_alloc_skb() and xrx200_hw_receive() functions in drivers/net/ethernet/lantiq_xrx200.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Out-of-bounds read

EUVDB-ID: #VU91402

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47138

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the clear_all_filters() function in drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper Initialization

EUVDB-ID: #VU91555

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47139

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the hns3_client_init() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) NULL pointer dereference

EUVDB-ID: #VU90619

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47141

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gve_free_notify_blocks() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Use-after-free

EUVDB-ID: #VU90222

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47142

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the amdgpu_ttm_tt_unpopulate() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Memory leak

EUVDB-ID: #VU91652

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47144

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the amdgpu_fbdev_destroy() function in drivers/gpu/drm/amd/amdgpu/amdgpu_fb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Memory leak

EUVDB-ID: #VU90014

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47150

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the fec_enet_init() function in drivers/net/ethernet/freescale/fec_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Improper error handling

EUVDB-ID: #VU92059

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47153

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the i801_check_post() function in drivers/i2c/busses/i2c-i801.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Memory leak

EUVDB-ID: #VU91651

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47160

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mt7530_port_set_vlan_aware() function in drivers/net/dsa/mt7530.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Improper error handling

EUVDB-ID: #VU90953

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47161

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the dspi_probe() function in drivers/spi/spi-fsl-dspi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Null pointer dereference

EUVDB-ID: #VU92393

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47164

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to null pointer dereference error within the mlx5e_rep_changelowerstate_event() function in drivers/net/ethernet/mellanox/mlx5/core/en/rep/bond.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) NULL pointer dereference

EUVDB-ID: #VU90615

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47165

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the meson_probe_remote() function in drivers/gpu/drm/meson/meson_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Buffer overflow

EUVDB-ID: #VU93159

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47166

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the nfs_pageio_doio() and nfs_do_recoalesce() functions in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Input validation error

EUVDB-ID: #VU93691

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47167

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nfs_pageio_do_add_request() function in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Buffer overflow

EUVDB-ID: #VU91205

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47168

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the filelayout_decode_layout() function in fs/nfs/filelayout/filelayout.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) NULL pointer dereference

EUVDB-ID: #VU90616

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47169

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the RP_ID(), rp2_remove_ports(), rp2_fw_cb(), rp2_probe() and rp2_remove() functions in drivers/tty/serial/rp2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Buffer overflow

EUVDB-ID: #VU93401

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47170

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the proc_bulk() and proc_do_submiturb() functions in drivers/usb/core/devio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Memory leak

EUVDB-ID: #VU90011

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47171

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smsc75xx_bind() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Buffer overflow

EUVDB-ID: #VU93405

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47172

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ad7124_of_parse_channel_config() function in drivers/iio/adc/ad7124.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Memory leak

EUVDB-ID: #VU90013

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47173

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the uss720_probe() function in drivers/usb/misc/uss720.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Resource management error

EUVDB-ID: #VU93207

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47174

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the nft_pipapo_avx2_lookup() function in net/netfilter/nft_set_pipapo_avx2.c, within the pipapo_refill() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Out-of-bounds read

EUVDB-ID: #VU90338

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47175

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the fq_pie_qdisc_enqueue() function in net/sched/sch_fq_pie.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Input validation error

EUVDB-ID: #VU93690

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47176

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the dasd_fba_setup_blk_queue() function in drivers/s390/block/dasd_fba.c, within the dasd_diag_setup_blk_queue() function in drivers/s390/block/dasd_diag.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Information disclosure

EUVDB-ID: #VU91366

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47177

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the alloc_iommu() function in drivers/iommu/dmar.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) NULL pointer dereference

EUVDB-ID: #VU90617

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47179

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the _pnfs_return_layout() function in fs/nfs/pnfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Memory leak

EUVDB-ID: #VU90012

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47180

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the EXPORT_SYMBOL() function in net/nfc/nci/core.c, within the nci_core_conn_create() and nci_hci_allocate() functions in include/net/nfc/nci_core.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) NULL pointer dereference

EUVDB-ID: #VU92071

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47181

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tusb_musb_init() function in drivers/usb/musb/tusb6010.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) NULL pointer dereference

EUVDB-ID: #VU90586

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47183

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lpfc_sli_issue_abort_iotag() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) Improper locking

EUVDB-ID: #VU91528

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47185

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Race condition

EUVDB-ID: #VU93380

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47189

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the run_ordered_work() and normal_work_helper() functions in fs/btrfs/async-thread.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Use-after-free

EUVDB-ID: #VU61181

Risk: Low

CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2022-0487

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

122) Double Free

EUVDB-ID: #VU74053

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-4744

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the tun_free_netdev() function in the Linux kernel’s TUN/TAP device driver. A local user can trigger a double free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Use-after-free

EUVDB-ID: #VU90261

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48626

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the moxart_remove() function in drivers/mmc/host/moxart-mmc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Improper locking

EUVDB-ID: #VU90810

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-0160

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Use-after-free

EUVDB-ID: #VU81923

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1192

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the smb2_is_status_io_timeout() function in Linux kernel. A local user can set environment variable to a specific value, trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Information disclosure

EUVDB-ID: #VU87457

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28746

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Use-after-free

EUVDB-ID: #VU82758

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35827

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local authenticated user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) NULL pointer dereference

EUVDB-ID: #VU89244

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52454

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_pdu_iovec() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Use-after-free

EUVDB-ID: #VU89235

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52469

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kv_parse_power_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) NULL pointer dereference

EUVDB-ID: #VU92074

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52470

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the radeon_crtc_init() function in drivers/gpu/drm/radeon/radeon_display.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Improper locking

EUVDB-ID: #VU92053

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52474

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the build_vnic_ulp_payload() function in drivers/infiniband/hw/hfi1/vnic_sdma.c, within the build_verbs_tx_desc() function in drivers/infiniband/hw/hfi1/verbs.c, within the user_sdma_send_pkts(), add_system_pages_to_sdma_packet(), hfi1_user_sdma_process_request(), user_sdma_txadd_ahg(), sdma_cache_evict(), user_sdma_txreq_cb(), pq_update(), user_sdma_free_request(), set_comp_state() and sdma_rb_remove() functions in drivers/infiniband/hw/hfi1/user_sdma.c, within the sdma_unmap_desc(), ext_coal_sdma_tx_descs() and _pad_sdma_tx_descs() functions in drivers/infiniband/hw/hfi1/sdma.c, within the hfi1_mmu_rb_insert(), hfi1_mmu_rb_get_first(), __mmu_rb_search() and hfi1_mmu_rb_evict() functions in drivers/infiniband/hw/hfi1/mmu_rb.c, within the hfi1_ipoib_build_ulp_payload() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Out-of-bounds read

EUVDB-ID: #VU88821

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52476

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Use of uninitialized resource

EUVDB-ID: #VU89393

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52477

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of uninitialized BOS descriptors in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) NULL pointer dereference

EUVDB-ID: #VU90626

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52492

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Memory leak

EUVDB-ID: #VU91657

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52500

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mpi_set_controller_config_resp() function in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) NULL pointer dereference

EUVDB-ID: #VU90634

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52508

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nvme_fc_io_getuuid() function in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Use-after-free

EUVDB-ID: #VU89255

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52509

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user can escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ravb_close() function in drivers/net/ethernet/renesas/ravb_main.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Use-after-free

EUVDB-ID: #VU90239

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52572

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_wake_up_task(), __release_mid(), wait_for_response(), cifs_sync_mid_result(), cifs_compound_callback(), compound_send_recv(), SendReceive() and SendReceiveBlockingLock() functions in fs/smb/client/transport.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Improper locking

EUVDB-ID: #VU90802

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52583

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ceph_encode_dentry_release() function in fs/ceph/caps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Improper locking

EUVDB-ID: #VU91539

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52590

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ocfs2_rename() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Improper locking

EUVDB-ID: #VU91538

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52591

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) NULL pointer dereference

EUVDB-ID: #VU90841

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52607

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Stack-based buffer overflow

EUVDB-ID: #VU87901

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52628

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_exthdr_sctp_eval(), nft_exthdr_tcp_eval(), and nft_exthdr_ipv6_eval() functions. A local user can pass specially crafted data to the system, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) NULL pointer dereference

EUVDB-ID: #VU85854

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6356

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_iovec() function in the Linux kernel's NVMe driver. A remote attacker can pass specially crafted TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) Race condition

EUVDB-ID: #VU85022

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6531

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition when the unix garbage collector's deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) NULL pointer dereference

EUVDB-ID: #VU85853

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6535

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_execute_request() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) NULL pointer dereference

EUVDB-ID: #VU85852

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6536

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the __nvmet_req_complete() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) NULL pointer dereference

EUVDB-ID: #VU85422

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-7042

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Memory leak

EUVDB-ID: #VU86248

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-7192

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak within the ctnetlink_create_conntrack() function in net/netfilter/nf_conntrack_netlink.c. A local user with CAP_NET_ADMIN privileges can perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) NULL pointer dereference

EUVDB-ID: #VU87192

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-22099

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) NULL pointer dereference

EUVDB-ID: #VU89249

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26600

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in drivers/phy/ti/phy-omap-usb2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Resource management error

EUVDB-ID: #VU91320

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-26614

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Improper access control

EUVDB-ID: #VU88150

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26642

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Double free

EUVDB-ID: #VU90929

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26704

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) Buffer overflow

EUVDB-ID: #VU92952

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26733

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

dtb-amlogic: before 5.3.18-150300.59.158.1

dtb-nvidia: before 5.3.18-150300.59.158.1

dtb-apm: before 5.3.18-150300.59.158.1

dlm-kmp-64kb: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-rockchip: before 5.3.18-150300.59.158.1

kernel-64kb-extra: before 5.3.18-150300.59.158.1

dtb-arm: before 5.3.18-150300.59.158.1

kernel-64kb-optional: before 5.3.18-150300.59.158.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.158.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-zte: before 5.3.18-150300.59.158.1

dtb-cavium: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-marvell: before 5.3.18-150300.59.158.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-mediatek: before 5.3.18-150300.59.158.1

dtb-socionext: before 5.3.18-150300.59.158.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-broadcom: before 5.3.18-150300.59.158.1

dtb-al: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-xilinx: before 5.3.18-150300.59.158.1

dtb-exynos: before 5.3.18-150300.59.158.1

dtb-amd: before 5.3.18-150300.59.158.1

dtb-altera: before 5.3.18-150300.59.158.1

dtb-lg: before 5.3.18-150300.59.158.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.158.1

dtb-hisilicon: before 5.3.18-150300.59.158.1

dtb-allwinner: before 5.3.18-150300.59.158.1

kselftests-kmp-64kb: before 5.3.18-150300.59.158.1

dtb-freescale: before 5.3.18-150300.59.158.1

dtb-renesas: before 5.3.18-150300.59.158.1

dtb-sprd: before 5.3.18-150300.59.158.1

dtb-qcom: before 5.3.18-150300.59.158.1

dtb-aarch64: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.158.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.158.1

kernel-zfcpdump: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-extra: before 5.3.18-150300.59.158.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.158.1

dlm-kmp-preempt: before 5.3.18-150300.59.158.1

kernel-preempt-optional: before 5.3.18-150300.59.158.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-livepatch-5_3_18-150300_59_158-preempt: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo: before 1-150300.7.3.5

kernel-livepatch-SLE15-SP3_Update_43-debugsource: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default: before 1-150300.7.3.5

kernel-livepatch-5_3_18-150300_59_158-default-debuginfo: before 1-150300.7.3.5

kernel-default-base-rebuild: before 5.3.18-150300.59.158.1.150300.18.92.5

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

gfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-obs-qa: before 5.3.18-150300.59.158.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-optional: before 5.3.18-150300.59.158.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.158.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-default-livepatch: before 5.3.18-150300.59.158.1

dlm-kmp-default: before 5.3.18-150300.59.158.1

kernel-default-extra: before 5.3.18-150300.59.158.1

ocfs2-kmp-default: before 5.3.18-150300.59.158.1

cluster-md-kmp-default: before 5.3.18-150300.59.158.1

kselftests-kmp-default: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug-debugsource: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.158.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.158.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.158.1

kernel-debug-devel: before 5.3.18-150300.59.158.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.158.1

kernel-debug-debuginfo: before 5.3.18-150300.59.158.1

kernel-debug: before 5.3.18-150300.59.158.1

kernel-kvmsmall: before 5.3.18-150300.59.158.1

kernel-source-vanilla: before 5.3.18-150300.59.158.1

kernel-docs-html: before 5.3.18-150300.59.158.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-64kb-debugsource: before 5.3.18-150300.59.158.1

kernel-64kb-devel: before 5.3.18-150300.59.158.1

kernel-64kb: before 5.3.18-150300.59.158.1

kernel-preempt-devel: before 5.3.18-150300.59.158.1

kernel-preempt-debugsource: before 5.3.18-150300.59.158.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.158.1

kernel-preempt: before 5.3.18-150300.59.158.1

kernel-docs: before 5.3.18-150300.59.158.1

kernel-source: before 5.3.18-150300.59.158.1

kernel-devel: before 5.3.18-150300.59.158.1

kernel-macros: before 5.3.18-150300.59.158.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-devel: before 5.3.18-150300.59.158.1

kernel-obs-build: before 5.3.18-150300.59.158.1

kernel-default-debuginfo: before 5.3.18-150300.59.158.1

kernel-default-debugsource: before 5.3.18-150300.59.158.1

kernel-default-base: before 5.3.18-150300.59.158.1.150300.18.92.5

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.158.1

reiserfs-kmp-default: before 5.3.18-150300.59.158.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.158.1

kernel-syms: before 5.3.18-150300.59.158.1

kernel-default: before 5.3.18-150300.59.158.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###