SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 29
CVE-ID CVE-2020-26558
CVE-2021-0129
CVE-2021-47126
CVE-2021-47219
CVE-2021-47291
CVE-2021-47506
CVE-2021-47520
CVE-2021-47580
CVE-2021-47598
CVE-2021-47600
CVE-2022-48792
CVE-2022-48821
CVE-2022-48822
CVE-2023-52686
CVE-2023-52885
CVE-2024-26583
CVE-2024-26584
CVE-2024-26585
CVE-2024-26800
CVE-2024-36974
CVE-2024-38559
CVE-2024-39494
CVE-2024-40937
CVE-2024-40956
CVE-2024-41011
CVE-2024-41059
CVE-2024-41069
CVE-2024-41090
CVE-2024-42145
CWE-ID CWE-254
CWE-284
CWE-125
CWE-416
CWE-401
CWE-476
CWE-362
CWE-388
CWE-20
CWE-415
CWE-908
CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dtb-al
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-zte
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-optional-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-livepatch-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-optional
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_170-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_47-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_170-default
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 29 vulnerabilities.

1) Security features bypass

EUVDB-ID: #VU53579

Risk: Low

CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-26558

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to an impersonation in the Passkey Entry protocol flaw. A remote attacker on the local network can perform a man-in-the-middle (MITM) attack and impersonate the initiating device without any previous knowledge.

Note: This vulnerability affects the following specifications:

  • BR/EDR Secure Simple Pairing in Bluetooth Core Specifications 2.1 through 5.2
  • BR/EDR Secure Connections Pairing in Bluetooth Core Specifications 4.1 through 5.2 
  • LE Secure Connections Pairing in Bluetooth Core Specifications 4.2 through 5.2

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper access control

EUVDB-ID: #VU54202

Risk: Low

CVSSv3.1: 5.6 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0129

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote authenticated attacker on the local network can bypass implemented security restrictions and enable information disclosure

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU90339

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47126

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ip6_route_info_create() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU90324

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47219

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the resp_report_tgtpgs() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU90293

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47291

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ip6_route_info_create() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU90052

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47506

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hash_delegation_locked(), unhash_delegation_locked() and nfsd4_cb_recall_prepare() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU91053

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47520

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pch_can_rx_normal() function in drivers/net/can/pch_can.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU92318

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47580

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the p_fill_from_dev_buffer(), resp_inquiry(), resp_requests(), resp_mode_sense(), resp_ie_l_pg(), resp_log_sense() and resp_report_zones() functions in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU92302

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47598

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cake_init() function in net/sched/sch_cake.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU92303

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rebalance_children() function in drivers/md/persistent-data/dm-btree-remove.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU94420

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48792

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mpi_ssp_completion() and mpi_sata_completion() functions in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU94417

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48821

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fastrpc_dmabuf_alloc() function in drivers/misc/fastrpc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Memory leak

EUVDB-ID: #VU94403

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48822

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ffs_data_put(), ffs_data_new(), ffs_epfiles_destroy() and ffs_func_eps_disable() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU90548

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52686

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU94326

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52885

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the svc_tcp_listen_data_ready() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Race condition

EUVDB-ID: #VU87596

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26583

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition between async notify and socket close in TLS implementation in net/tls/tls_sw.c. A remote attacker can send specially crafted traffic to the system, trigger a race condition and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Error handling

EUVDB-ID: #VU89001

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26584

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when handling backlogging of crypto requests in net/tls/tls_sw.c. A remote attacker can send specially crafted traffic to the system and perform a denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Race condition

EUVDB-ID: #VU89251

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26585

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tls_encrypt_done() function in net/tls/tls_sw.c. A remote attacker user can send specially crafted requests to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90210

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the struct_group(), tls_do_decryption() and tls_decrypt_sg() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Input validation error

EUVDB-ID: #VU93310

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36974

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the taprio_parse_mqprio_opt() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds read

EUVDB-ID: #VU92328

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38559

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the qedf_dbg_debug_cmd_write() function in drivers/scsi/qedf/qedf_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU94223

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39494

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ima_eventname_init_common() function in security/integrity/ima/ima_template_lib.c, within the ima_collect_measurement() and ima_d_path() functions in security/integrity/ima/ima_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Double free

EUVDB-ID: #VU94289

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40937

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the gve_rx_skb_hash() and gve_rx_poll_dqo() functions in drivers/net/ethernet/google/gve/gve_rx_dqo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU94216

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40956

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the irq_process_work_list() function in drivers/dma/idxd/irq.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Input validation error

EUVDB-ID: #VU94530

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41011

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the kfd_ioctl_alloc_memory_of_gpu(), criu_restore_memory_of_gpu() and kfd_mmio_mmap() functions in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use of uninitialized resource

EUVDB-ID: #VU95033

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41059

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU94943

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41069

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the soc_tplg_dapm_graph_elems_load() function in sound/soc/soc-topology.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU94840

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41090

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tap_get_user_xdp() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Buffer overflow

EUVDB-ID: #VU95054

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-42145

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the MODULE_AUTHOR(), __get_agent(), send_handler(), recv_handler() and ib_umad_read() functions in drivers/infiniband/core/user_mad.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.170.1

kernel-64kb-devel: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-sprd: before 5.3.18-150300.59.170.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.170.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-amlogic: before 5.3.18-150300.59.170.1

dtb-altera: before 5.3.18-150300.59.170.1

dtb-xilinx: before 5.3.18-150300.59.170.1

dtb-arm: before 5.3.18-150300.59.170.1

dtb-marvell: before 5.3.18-150300.59.170.1

dtb-amd: before 5.3.18-150300.59.170.1

kernel-64kb-extra: before 5.3.18-150300.59.170.1

kernel-64kb-debugsource: before 5.3.18-150300.59.170.1

dtb-allwinner: before 5.3.18-150300.59.170.1

dtb-al: before 5.3.18-150300.59.170.1

gfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-freescale: before 5.3.18-150300.59.170.1

dtb-cavium: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.170.1

dtb-hisilicon: before 5.3.18-150300.59.170.1

kselftests-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-rockchip: before 5.3.18-150300.59.170.1

dtb-exynos: before 5.3.18-150300.59.170.1

dtb-renesas: before 5.3.18-150300.59.170.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-zte: before 5.3.18-150300.59.170.1

dtb-nvidia: before 5.3.18-150300.59.170.1

dtb-apm: before 5.3.18-150300.59.170.1

dtb-socionext: before 5.3.18-150300.59.170.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.170.1

dtb-broadcom: before 5.3.18-150300.59.170.1

dtb-lg: before 5.3.18-150300.59.170.1

dtb-qcom: before 5.3.18-150300.59.170.1

dlm-kmp-64kb: before 5.3.18-150300.59.170.1

dtb-mediatek: before 5.3.18-150300.59.170.1

dtb-aarch64: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.170.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.170.1

kernel-zfcpdump: before 5.3.18-150300.59.170.1

kernel-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-devel: before 5.3.18-150300.59.170.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.170.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-preempt-debugsource: before 5.3.18-150300.59.170.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-optional: before 5.3.18-150300.59.170.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kselftests-kmp-preempt: before 5.3.18-150300.59.170.1

kernel-preempt-extra: before 5.3.18-150300.59.170.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.170.1

kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-preempt: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_47-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_170-default-debuginfo: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.170.1

ocfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel: before 5.3.18-150300.59.170.1

kernel-syms: before 5.3.18-150300.59.170.1

gfs2-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.170.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

reiserfs-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.170.1

kernel-obs-qa: before 5.3.18-150300.59.170.1

kselftests-kmp-default: before 5.3.18-150300.59.170.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.170.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

cluster-md-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-base: before 5.3.18-150300.59.170.1.150300.18.100.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch: before 5.3.18-150300.59.170.1

kernel-default-extra: before 5.3.18-150300.59.170.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-debugsource: before 5.3.18-150300.59.170.1

kernel-obs-build: before 5.3.18-150300.59.170.1

kernel-default-optional: before 5.3.18-150300.59.170.1

dlm-kmp-default: before 5.3.18-150300.59.170.1

kernel-default-base-rebuild: before 5.3.18-150300.59.170.1.150300.18.100.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.170.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-devel: before 5.3.18-150300.59.170.1

kernel-debug-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.170.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.170.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.170.1

kernel-debug-debuginfo: before 5.3.18-150300.59.170.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.170.1

kernel-debug: before 5.3.18-150300.59.170.1

kernel-kvmsmall: before 5.3.18-150300.59.170.1

kernel-devel: before 5.3.18-150300.59.170.1

kernel-docs-html: before 5.3.18-150300.59.170.2

kernel-source-vanilla: before 5.3.18-150300.59.170.1

kernel-macros: before 5.3.18-150300.59.170.1

kernel-source: before 5.3.18-150300.59.170.1

kernel-docs: before 5.3.18-150300.59.170.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242948-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###