SUSE update for the Linux Kernel



Published: 2024-08-20
Risk: Medium
Patch available: YES
Number of vulnerabilities: 118
CVE-ID: CVE-2023-38417
CVE-2023-47210
CVE-2023-51780
CVE-2023-52435
CVE-2023-52472
CVE-2023-52751
CVE-2023-52775
CVE-2024-25741
CVE-2024-26615
CVE-2024-26623
CVE-2024-26633
CVE-2024-26635
CVE-2024-26636
CVE-2024-26641
CVE-2024-26663
CVE-2024-26665
CVE-2024-26691
CVE-2024-26734
CVE-2024-26785
CVE-2024-26826
CVE-2024-26863
CVE-2024-26944
CVE-2024-27012
CVE-2024-27015
CVE-2024-27016
CVE-2024-27019
CVE-2024-27020
CVE-2024-27025
CVE-2024-27064
CVE-2024-27065
CVE-2024-27402
CVE-2024-27404
CVE-2024-35805
CVE-2024-35853
CVE-2024-35854
CVE-2024-35890
CVE-2024-35893
CVE-2024-35899
CVE-2024-35908
CVE-2024-35934
CVE-2024-35942
CVE-2024-36003
CVE-2024-36004
CVE-2024-36889
CVE-2024-36901
CVE-2024-36902
CVE-2024-36909
CVE-2024-36910
CVE-2024-36911
CVE-2024-36912
CVE-2024-36913
CVE-2024-36914
CVE-2024-36922
CVE-2024-36930
CVE-2024-36940
CVE-2024-36941
CVE-2024-36942
CVE-2024-36944
CVE-2024-36946
CVE-2024-36947
CVE-2024-36949
CVE-2024-36950
CVE-2024-36951
CVE-2024-36955
CVE-2024-36959
CVE-2024-36974
CVE-2024-38558
CVE-2024-38586
CVE-2024-38598
CVE-2024-38604
CVE-2024-38659
CVE-2024-39276
CVE-2024-39468
CVE-2024-39472
CVE-2024-39473
CVE-2024-39474
CVE-2024-39475
CVE-2024-39479
CVE-2024-39481
CVE-2024-39482
CVE-2024-39487
CVE-2024-39490
CVE-2024-39494
CVE-2024-39496
CVE-2024-39498
CVE-2024-39502
CVE-2024-39504
CVE-2024-39507
CVE-2024-40901
CVE-2024-40906
CVE-2024-40908
CVE-2024-40919
CVE-2024-40923
CVE-2024-40925
CVE-2024-40928
CVE-2024-40931
CVE-2024-40935
CVE-2024-40937
CVE-2024-40940
CVE-2024-40947
CVE-2024-40948
CVE-2024-40953
CVE-2024-40960
CVE-2024-40961
CVE-2024-40966
CVE-2024-40970
CVE-2024-40972
CVE-2024-40975
CVE-2024-40979
CVE-2024-40998
CVE-2024-40999
CVE-2024-41006
CVE-2024-41011
CVE-2024-41013
CVE-2024-41014
CVE-2024-41017
CVE-2024-41090
CVE-2024-41091
CWE-ID: CWE-20
CWE-362
CWE-119
CWE-476
CWE-416
CWE-399
CWE-908
CWE-824
CWE-125
CWE-667
CWE-401
CWE-366
CWE-388
CWE-200
CWE-415
CWE-369
CWE-665
Exploitation vector: Network
Public exploit: N/A
Vulnerable software

Operating systems & Components / Operating system:

SUSE Linux Enterprise High Availability Extension 15
SUSE Linux Enterprise Workstation Extension 15
Legacy Module
SUSE Linux Enterprise Live Patching
Development Tools Module
Basesystem Module
SUSE Linux Enterprise Real Time 15
openSUSE Leap
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Desktop 15

Operating systems & Components / Operating system package or component:

kernel-64kb
dtb-lg
gfs2-kmp-64kb
dtb-apm
dtb-hisilicon
dtb-amlogic
dtb-broadcom
kselftests-kmp-64kb
ocfs2-kmp-64kb-debuginfo
dtb-sprd
dtb-socionext
dtb-amd
dtb-qcom
kernel-64kb-debuginfo
kernel-64kb-optional-debuginfo
kernel-64kb-optional
dtb-renesas
dlm-kmp-64kb-debuginfo
reiserfs-kmp-64kb
dtb-altera
kernel-64kb-devel-debuginfo
kernel-64kb-debugsource
dtb-allwinner
dtb-freescale
kernel-64kb-extra
cluster-md-kmp-64kb
kernel-64kb-livepatch-devel
gfs2-kmp-64kb-debuginfo
dlm-kmp-64kb
ocfs2-kmp-64kb
kselftests-kmp-64kb-debuginfo
dtb-cavium
kernel-64kb-extra-debuginfo
dtb-exynos
cluster-md-kmp-64kb-debuginfo
dtb-arm
dtb-mediatek
reiserfs-kmp-64kb-debuginfo
dtb-xilinx
dtb-marvell
dtb-rockchip
dtb-apple
dtb-amazon
dtb-nvidia
kernel-64kb-devel
dtb-aarch64
kernel-zfcpdump-debugsource
kernel-zfcpdump-debuginfo
kernel-zfcpdump
kernel-livepatch-SLE15-SP6_Update_3-debugsource
kernel-livepatch-6_4_0-150600_23_17-default-debuginfo
kernel-livepatch-6_4_0-150600_23_17-default
kernel-kvmsmall
kernel-default
kernel-default-debuginfo
gfs2-kmp-default
cluster-md-kmp-default
ocfs2-kmp-default-debuginfo
kernel-default-livepatch-devel
kernel-default-extra
kernel-default-optional-debuginfo
reiserfs-kmp-default
kernel-syms
kernel-default-livepatch
kernel-obs-qa
dlm-kmp-default
kselftests-kmp-default-debuginfo
kernel-obs-build-debugsource
kernel-obs-build
kernel-default-extra-debuginfo
dlm-kmp-default-debuginfo
kselftests-kmp-default
gfs2-kmp-default-debuginfo
kernel-default-devel
cluster-md-kmp-default-debuginfo
reiserfs-kmp-default-debuginfo
kernel-default-optional
kernel-default-devel-debuginfo
ocfs2-kmp-default
kernel-default-debugsource
kernel-kvmsmall-debuginfo
kernel-default-base-rebuild
kernel-default-base
kernel-kvmsmall-debugsource
kernel-kvmsmall-devel-debuginfo
kernel-kvmsmall-livepatch-devel
kernel-kvmsmall-devel
kernel-kvmsmall-vdso
kernel-default-vdso
kernel-debug-vdso
kernel-kvmsmall-vdso-debuginfo
kernel-default-vdso-debuginfo
kernel-debug-vdso-debuginfo
kernel-debug-debuginfo
kernel-debug-devel-debuginfo
kernel-debug-devel
kernel-debug-debugsource
kernel-debug-livepatch-devel
kernel-debug
kernel-source
kernel-macros
kernel-devel
kernel-source-vanilla
kernel-docs-html
kernel-docs

Vendor: SUSE

Security Bulletin

This security bulletin contains information about 118 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU96264

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-38417

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU96262

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-47210

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Race condition

EUVDB-ID: #VU85024

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-51780

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the ATM (Asynchronous Transfer Mode) subsystem in the Linux kernel. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU87748

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52435

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the skb_segment() function. A local user can trigger memory corruption and crash the kernel.


Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU91244

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52472

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the rsa_check_exponent_fips() function in crypto/rsa.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU90063

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52751

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the find_or_create_cached_dir(), spin_unlock() and open_cached_dir() functions in fs/smb/client/cached_dir.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU93425

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52775

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the smcr_clnt_conf_first_link() function in net/smc/af_smc.c when handling SMC DECLINE messages. A remote attacker can send a specially crafted SMC DECLINE message to the system, trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU94364

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-25741

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the printer_write() function in drivers/usb/gadget/function/f_printer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU90627

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26615

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __smc_diag_dump() function in net/smc/smc_diag.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU90630

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26623

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pdsc_setup(), pdsc_stop() and pdsc_fw_down() functions in drivers/net/ethernet/amd/pds_core/core.c, and within the pdsc_process_notifyq(), pdsc_process_adminq(), pds_core_intr_credits(), pdsc_adminq_isr(), pdsc_adminq_post() and queue_work() functions in drivers/net/ethernet/amd/pds_core/adminq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Input validation error

EUVDB-ID: #VU89267

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26633

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in NEXTHDR_FRAGMENT handling within the ip6_tnl_parse_tlv_enc_lim() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use of uninitialized resource

EUVDB-ID: #VU90880

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26635

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the cpu_to_be16() function in net/llc/llc_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Input validation error

EUVDB-ID: #VU90859

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26636

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the llc_ui_sendmsg() function in net/llc/af_llc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Access of Uninitialized Pointer

EUVDB-ID: #VU89396

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26641

CWE-ID: CWE-824 - Access of Uninitialized Pointer

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to access to uninitialized data within the __ip6_tnl_rcv() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) NULL pointer dereference

EUVDB-ID: #VU92073

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26663

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the tipc_nl_bearer_add() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds read

EUVDB-ID: #VU90336

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26665

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the iptunnel_pmtud_build_icmpv6() function in net/ipv4/ip_tunnel_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Improper locking

EUVDB-ID: #VU91532

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26691

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kvm_hyp_reserve(), __pkvm_create_hyp_vm() and pkvm_create_hyp_vm() functions in arch/arm64/kvm/pkvm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU90009

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26734

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the devlink_init() function in net/devlink/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Improper locking

EUVDB-ID: #VU92040

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26785

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the iommufd_test_syz_conv_iova(), iommufd_test_syz_conv_iova_id(), iommufd_test_access_pages() and iommufd_test_access_rw() functions in drivers/iommu/iommufd/selftest.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Improper locking

EUVDB-ID: #VU92038

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26826

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __mptcp_retransmit_pending_data() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use of uninitialized resource

EUVDB-ID: #VU90877

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26863

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the hsr_get_node() function in net/hsr/hsr_framereg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU90182

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26944

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_load_block_group_zone_info(), bitmap_free() and do_zone_finish() functions in fs/btrfs/zoned.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Memory leak

EUVDB-ID: #VU90461

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27012

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nft_rbtree_activate() and nft_rbtree_walk() functions in net/netfilter/nft_set_rbtree.c; the nft_pipapo_activate() and nft_pipapo_walk() functions in net/netfilter/nft_set_pipapo.c; the nft_rhash_activate(), nft_rhash_walk(), nft_hash_activate() and nft_hash_walk() functions in net/netfilter/nft_set_hash.c; the nft_bitmap_activate() and nft_bitmap_walk() functions in net/netfilter/nft_set_bitmap.c; and the nft_mapelem_deactivate(), nft_map_catchall_deactivate(), nft_setelem_validate(), nf_tables_bind_check_setelem(), nft_mapelem_activate(), nft_map_catchall_activate(), nf_tables_dump_setelem(), nft_setelem_activate(), nft_setelem_flush() and nf_tables_loop_check_setelem() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Input validation error

EUVDB-ID: #VU94132

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27015

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nf_flow_tuple_encap() function in net/netfilter/nf_flow_table_ip.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Input validation error

EUVDB-ID: #VU94131

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27016

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nf_flow_xmit_xfrm(), nf_flow_skb_encap_protocol() and nf_flow_encap_pop() functions in net/netfilter/nf_flow_table_ip.c, and within the nf_flow_offload_inet_hook() function in net/netfilter/nf_flow_table_inet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Race condition within a thread

EUVDB-ID: #VU91431

Risk: Low

CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27019

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Race condition within a thread

EUVDB-ID: #VU91432

Risk: Low

CVSSv3.1: 6.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27020

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a data race within the __nft_expr_type_get() and nft_expr_type_get() functions in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper error handling

EUVDB-ID: #VU93453

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27025

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nbd_genl_status() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Memory leak

EUVDB-ID: #VU89993

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27064

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nf_tables_updchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Resource management error

EUVDB-ID: #VU94105

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27065

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper locking

EUVDB-ID: #VU92026

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27402

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the pep_sock_enable() and pep_ioctl() functions in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Race condition within a thread

EUVDB-ID: #VU91428

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27404

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the subflow_finish_connect(), __mptcp_subflow_connect() and subflow_ulp_clone() functions in net/mptcp/subflow.c, and within the fill_remote_addresses_vec() and mptcp_pm_nl_rm_addr_or_subflow() functions in net/mptcp/pm_netlink.c. A local user can manipulate data.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Improper locking

EUVDB-ID: #VU91519

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35805

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dm_exception_table_exit() function in drivers/md/dm-snap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Memory leak

EUVDB-ID: #VU89984

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35853

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mlxsw_sp_acl_tcam_vchunk_migrate_start() and mlxsw_sp_acl_tcam_vregion_migrate() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Use-after-free

EUVDB-ID: #VU90162

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35854

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Improper error handling

EUVDB-ID: #VU93651

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35890

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the skb_gro_receive_list() and skb_gro_receive() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Memory leak

EUVDB-ID: #VU93609

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35893

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the tcf_skbmod_dump() function in net/sched/act_skbmod.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU90160

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35899

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nf_tables_module_exit() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Improper locking

EUVDB-ID: #VU91516

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35908

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tls_sw_recvmsg() function in net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Improper locking

EUVDB-ID: #VU92020

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35934

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smc_pnet_create_pnetids_list() function in net/smc/smc_pnet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Resource management error

EUVDB-ID: #VU93840

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35942

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within drivers/pmdomain/imx/imx8mp-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Improper locking

EUVDB-ID: #VU90750

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36003

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_reset_vf() function in drivers/net/ethernet/intel/ice/ice_vf_lib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Resource management error

EUVDB-ID: #VU93281

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36004

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the i40e_init_module() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use of uninitialized resource

EUVDB-ID: #VU90975

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36889

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU91224

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36901

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited only locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) NULL pointer dereference

EUVDB-ID: #VU91222

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36902

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited only locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Use-after-free

EUVDB-ID: #VU93085

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36909

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vmbus_free_ring() function in drivers/hv/channel.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited only locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use-after-free

EUVDB-ID: #VU93345

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36910

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hv_uio_cleanup() and hv_uio_probe() functions in drivers/uio/uio_hv_generic.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited only locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Use-after-free

EUVDB-ID: #VU93346

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36911

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the free_netvsc_device() function in drivers/net/hyperv/netvsc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited only locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Information disclosure

EUVDB-ID: #VU91324

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36912

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the __vmbus_establish_gpadl() and kfree() functions in drivers/hv/channel.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Information disclosure

EUVDB-ID: #VU91323

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36913

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the vmbus_connect() and vmbus_disconnect() functions in drivers/hv/connection.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Out-of-bounds read

EUVDB-ID: #VU90269

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36914

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dm_resume(), get_highest_refresh_rate_mode() and amdgpu_dm_commit_audio() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Improper locking

EUVDB-ID: #VU92009

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36922

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the iwl_txq_reclaim() function in drivers/net/wireless/intel/iwlwifi/queue/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) NULL pointer dereference

EUVDB-ID: #VU90385

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36930

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the __spi_sync() function in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Double Free

EUVDB-ID: #VU90885

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36940

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) NULL pointer dereference

EUVDB-ID: #VU90528

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36941

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Memory leak

EUVDB-ID: #VU89927

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36942

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the qca_download_firmware() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Improper locking

EUVDB-ID: #VU91502

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36944

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Buffer overflow

EUVDB-ID: #VU93469

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36946

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Memory leak

EUVDB-ID: #VU91614

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36947

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the remove_device_files() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Improper locking

EUVDB-ID: #VU93436

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36949

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kgd2kfd_suspend() and kgd2kfd_resume() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Improper error handling

EUVDB-ID: #VU92055

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36950

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Input validation error

EUVDB-ID: #VU94122

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36951

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the event_interrupt_wq_v9() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v9.c, the event_interrupt_wq_v11() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v11.c, and the event_interrupt_wq_v10() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v10.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Memory leak

EUVDB-ID: #VU91613

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36955

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the is_link_enabled() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Information disclosure

EUVDB-ID: #VU91321

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36959

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Input validation error

EUVDB-ID: #VU93310

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36974

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the taprio_parse_mqprio_opt() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Input validation error

EUVDB-ID: #VU94117

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38558

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when parsing ICMPv6 packets within the parse_icmpv6() function in net/openvswitch/flow.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Buffer overflow

EUVDB-ID: #VU93134

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38586

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the rtl8169_doorbell() and rtl8169_start_xmit() functions in drivers/net/ethernet/realtek/r8169_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Out-of-bounds read

EUVDB-ID: #VU92320

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38598

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __acquires() function in drivers/md/md-bitmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Resource management error

EUVDB-ID: #VU93291

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38604

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the blkdev_iomap_begin() function in block/fops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Out-of-bounds read

EUVDB-ID: #VU93080

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38659

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the enic_set_vf_port() function in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Memory leak

EUVDB-ID: #VU93320

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39276

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Improper locking

EUVDB-ID: #VU93335

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39468

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smb2_find_smb_tcon() function in fs/smb/client/smb2transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Out-of-bounds read

EUVDB-ID: #VU93820

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39472

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the xlog_do_recovery_pass() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) NULL pointer dereference

EUVDB-ID: #VU93822

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39473

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sof_ipc4_get_input_pin_audio_fmt() function in sound/soc/sof/ipc4-topology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) NULL pointer dereference

EUVDB-ID: #VU93823

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39474

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the vm_area_alloc_pages() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Division by zero

EUVDB-ID: #VU93828

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39475

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Use-after-free

EUVDB-ID: #VU93819

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39479

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the i915_hwmon_register() function in drivers/gpu/drm/i915/i915_hwmon.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Input validation error

EUVDB-ID: #VU93831

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39481

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the media_pipeline_explore_next_link() function in drivers/media/mc/mc-entity.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Out-of-bounds read

EUVDB-ID: #VU93821

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39482

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bch_dirty_init_thread() and bch_sectors_dirty_init() functions in drivers/md/bcache/writeback.c, within the bch_root_usage() function in drivers/md/bcache/sysfs.c, within the bch_cache_set_alloc() function in drivers/md/bcache/super.c, within the btree_gc_mark_node(), btree_gc_rewrite_node(), btree_gc_recurse(), bch_btree_check_recurse(), bch_btree_check_thread(), bch_btree_check(), bch_btree_map_nodes_recurse() and bch_btree_map_keys_recurse() functions in drivers/md/bcache/btree.c, within the bch_dump_bucket(), __bch_check_keys(), bch_btree_insert_key(), bch_btree_iter_push(), bch_btree_sort_partial() and bch_btree_sort_into() functions in drivers/md/bcache/bset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Out-of-bounds read

EUVDB-ID: #VU93889

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39487

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bond_option_arp_ip_targets_set() function in drivers/net/bonding/bond_options.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Memory leak

EUVDB-ID: #VU94085

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39490

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the seg6_input_core() function in net/ipv6/seg6_iptunnel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Use-after-free

EUVDB-ID: #VU94223

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39494

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ima_eventname_init_common() function in security/integrity/ima/ima_template_lib.c and within the ima_collect_measurement() and ima_d_path() functions in security/integrity/ima/ima_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Use-after-free

EUVDB-ID: #VU94231

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39496

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_load_zone_info() function in fs/btrfs/zoned.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) NULL pointer dereference

EUVDB-ID: #VU94251

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39498

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nv50_msto_cleanup() function in drivers/gpu/drm/nouveau/dispnv50/disp.c, within the intel_mst_enable_dp() function in drivers/gpu/drm/i915/display/intel_dp_mst.c, within the EXPORT_SYMBOL() function in drivers/gpu/drm/display/drm_dp_mst_topology.c, and within the dm_helpers_dp_mst_send_payload_allocation() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) NULL pointer dereference

EUVDB-ID: #VU94261

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39502

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ionic_qcq_enable() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) NULL pointer dereference

EUVDB-ID: #VU94260

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39504

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the nft_payload_inner_init() function in net/netfilter/nft_payload.c and within the nft_meta_inner_init() function in net/netfilter/nft_meta.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Improper locking

EUVDB-ID: #VU94284

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39507

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hclge_push_link_status(), hclge_update_link_status(), hclge_uninit_need_wait() and hclge_uninit_client_instance() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Out-of-bounds read

EUVDB-ID: #VU94233

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40901

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mpt3sas_base_attach() and _base_check_ioc_facts_changes() functions in drivers/scsi/mpt3sas/mpt3sas_base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Memory leak

EUVDB-ID: #VU94202

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40906

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the mlx5_function_teardown() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Input validation error

EUVDB-ID: #VU94316

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40908

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __bpf_prog_test_run_raw_tp() function in net/bpf/test_run.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and authenticate successfully on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) NULL pointer dereference

EUVDB-ID: #VU94254

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40919

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the __hwrm_send() function in drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper error handling

EUVDB-ID: #VU94290

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40923

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the vmxnet3_rq_destroy_all_rxdataring() function in drivers/net/vmxnet3/vmxnet3_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Improper Initialization

EUVDB-ID: #VU94298

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40925

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the blk_flush_complete_seq() and flush_end_io() functions in block/blk-flush.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) NULL pointer dereference

EUVDB-ID: #VU94252

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40928

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the ethtool_get_phy_stats_ethtool() function in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Use of uninitialized resource

EUVDB-ID: #VU94293

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40931

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Use-after-free

EUVDB-ID: #VU94219

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40935

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cachefiles_daemon_open() function in fs/cachefiles/daemon.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Double free

EUVDB-ID: #VU94289

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40937

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the gve_rx_skb_hash() and gve_rx_poll_dqo() functions in drivers/net/ethernet/google/gve/gve_rx_dqo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Input validation error

EUVDB-ID: #VU94322

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40940

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mlx5_lag_create_port_sel_table() function in drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Use-after-free

EUVDB-ID: #VU94218

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40947

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the smack_post_notification() function in security/smack/smack_lsm.c, within the selinux_audit_rule_free() and selinux_audit_rule_init() functions in security/selinux/ss/services.c, within the security_key_getsecurity() function in security/security.c, within the ima_free_rule(), ima_lsm_copy_rule(), ima_lsm_update_rule() and ima_lsm_rule_init() functions in security/integrity/ima/ima_policy.c, within the aa_audit_rule_free() and aa_audit_rule_init() functions in security/apparmor/audit.c, and within the audit_data_to_entry() and audit_dupe_lsm_field() functions in kernel/auditfilter.c. A local user can escalate privileges on the system.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Input validation error

EUVDB-ID: #VU94286

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40948

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the page_table_check_clear(), page_table_check_set() and __page_table_check_zero() functions in mm/page_table_check.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Out-of-bounds read

EUVDB-ID: #VU94236

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40953

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the kvm_vcpu_on_spin() function in virt/kvm/kvm_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) NULL pointer dereference

EUVDB-ID: #VU94245

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40960

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the rt6_probe() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) NULL pointer dereference

EUVDB-ID: #VU94244

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40961

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the fib6_nh_init() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Improper locking

EUVDB-ID: #VU94275

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40966

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the con_cleanup() function in drivers/tty/vt/vt.c and within the tty_set_ldisc() function in drivers/tty/tty_ldisc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Resource management error

EUVDB-ID: #VU94300

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40970

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the axi_desc_alloc(), axi_desc_get() and axi_chan_block_xfer_complete() functions in drivers/dma/dw-axi-dmac/dw-axi-dmac-platform.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package, the Linux Kernel, to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Improper locking

EUVDB-ID: #VU94272

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40972

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_xattr_set_entry(), iput(), ext4_xattr_block_set() and ext4_xattr_ibody_set() functions in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Resource management error

EUVDB-ID: #VU94306

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40975

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the x86_android_tablet_remove() function in drivers/platform/x86/x86-android-tablets/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Memory leak

EUVDB-ID: #VU94208

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40979

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the ath12k_qmi_free_target_mem_chunk(), ath12k_qmi_alloc_target_mem_chunk() and ath12k_qmi_m3_load() functions in drivers/net/wireless/ath/ath12k/qmi.c, and within the ath12k_core_reset() function in drivers/net/wireless/ath/ath12k/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Improper locking

EUVDB-ID: #VU94266

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40998

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ext4_fill_super() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Input validation error

EUVDB-ID: #VU94287

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-40999

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ena_com_cdesc_rx_pkt_get() and ena_com_rx_pkt() functions in drivers/net/ethernet/amazon/ena/ena_eth_com.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Memory leak

EUVDB-ID: #VU94213

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41006

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the nr_heartbeat_expiry() function in net/netrom/nr_timer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Input validation error

EUVDB-ID: #VU94530

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41011

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the kfd_ioctl_alloc_memory_of_gpu(), criu_restore_memory_of_gpu() and kfd_mmio_mmap() functions in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Out-of-bounds read

EUVDB-ID: #VU94835

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41013

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __xfs_dir3_data_check() function in fs/xfs/libxfs/xfs_dir2_data.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Out-of-bounds read

EUVDB-ID: #VU94836

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41014

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the xlog_recover_process_data() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Input validation error

EUVDB-ID: #VU94843

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41017

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __jfs_getxattr() and jfs_listxattr() functions in fs/jfs/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Out-of-bounds read

EUVDB-ID: #VU94840

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41090

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tap_get_user_xdp() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Out-of-bounds read

EUVDB-ID: #VU94841

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41091

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tun_xdp_one() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected Linux Kernel package to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.17.1

dtb-lg: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-apm: before 6.4.0-150600.23.17.1

dtb-hisilicon: before 6.4.0-150600.23.17.1

dtb-amlogic: before 6.4.0-150600.23.17.1

dtb-broadcom: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-sprd: before 6.4.0-150600.23.17.1

dtb-socionext: before 6.4.0-150600.23.17.1

dtb-amd: before 6.4.0-150600.23.17.1

dtb-qcom: before 6.4.0-150600.23.17.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-optional: before 6.4.0-150600.23.17.1

dtb-renesas: before 6.4.0-150600.23.17.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.17.1

dtb-altera: before 6.4.0-150600.23.17.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-64kb-debugsource: before 6.4.0-150600.23.17.1

dtb-allwinner: before 6.4.0-150600.23.17.1

dtb-freescale: before 6.4.0-150600.23.17.1

kernel-64kb-extra: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.17.1

kernel-64kb-livepatch-devel: before 6.4.0-150600.23.17.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-64kb: before 6.4.0-150600.23.17.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.17.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-cavium: before 6.4.0-150600.23.17.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.17.1

dtb-exynos: before 6.4.0-150600.23.17.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-arm: before 6.4.0-150600.23.17.1

dtb-mediatek: before 6.4.0-150600.23.17.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.17.1

dtb-xilinx: before 6.4.0-150600.23.17.1

dtb-marvell: before 6.4.0-150600.23.17.1

dtb-rockchip: before 6.4.0-150600.23.17.1

dtb-apple: before 6.4.0-150600.23.17.1

dtb-amazon: before 6.4.0-150600.23.17.1

dtb-nvidia: before 6.4.0-150600.23.17.1

kernel-64kb-devel: before 6.4.0-150600.23.17.1

dtb-aarch64: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.17.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.17.1

kernel-zfcpdump: before 6.4.0-150600.23.17.1

kernel-livepatch-SLE15-SP6_Update_3-debugsource: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default-debuginfo: before 1-150600.13.3.1

kernel-livepatch-6_4_0-150600_23_17-default: before 1-150600.13.3.1

kernel-kvmsmall: before 6.4.0-150600.23.17.1

kernel-default: before 6.4.0-150600.23.17.1

kernel-default-debuginfo: before 6.4.0-150600.23.17.1

gfs2-kmp-default: before 6.4.0-150600.23.17.1

cluster-md-kmp-default: before 6.4.0-150600.23.17.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-default-extra: before 6.4.0-150600.23.17.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default: before 6.4.0-150600.23.17.1

kernel-syms: before 6.4.0-150600.23.17.1

kernel-default-livepatch: before 6.4.0-150600.23.17.1

kernel-obs-qa: before 6.4.0-150600.23.17.1

dlm-kmp-default: before 6.4.0-150600.23.17.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.17.1

kernel-obs-build: before 6.4.0-150600.23.17.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.17.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kselftests-kmp-default: before 6.4.0-150600.23.17.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-devel: before 6.4.0-150600.23.17.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-optional: before 6.4.0-150600.23.17.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.17.1

ocfs2-kmp-default: before 6.4.0-150600.23.17.1

kernel-default-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-base-rebuild: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-default-base: before 6.4.0-150600.23.17.1.150600.12.6.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-kvmsmall-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.17.1

kernel-default-vdso: before 6.4.0-150600.23.17.1

kernel-debug-vdso: before 6.4.0-150600.23.17.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.17.1

kernel-debug-devel: before 6.4.0-150600.23.17.1

kernel-debug-debugsource: before 6.4.0-150600.23.17.1

kernel-debug-livepatch-devel: before 6.4.0-150600.23.17.1

kernel-debug: before 6.4.0-150600.23.17.1

kernel-source: before 6.4.0-150600.23.17.1

kernel-macros: before 6.4.0-150600.23.17.1

kernel-devel: before 6.4.0-150600.23.17.1

kernel-source-vanilla: before 6.4.0-150600.23.17.1

kernel-docs-html: before 6.4.0-150600.23.17.3

kernel-docs: before 6.4.0-150600.23.17.3

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242802-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


