SUSE update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)



Risk Medium
Patch available YES
Number of vulnerabilities 15
CVE-ID CVE-2021-46955
CVE-2021-47378
CVE-2021-47383
CVE-2021-47402
CVE-2022-48651
CVE-2023-1829
CVE-2023-6531
CVE-2023-6546
CVE-2024-23307
CVE-2024-26610
CVE-2024-26828
CVE-2024-26852
CVE-2024-26923
CVE-2024-27398
CVE-2024-35950
CWE-ID CWE-125
CWE-416
CWE-362
CWE-190
CWE-119
CWE-191
CWE-667
Exploitation vector Network
Public exploit Public exploit code for vulnerability #6 is available.
Vulnerable software
Subscribe
SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_153-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_42-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_153-default
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 15 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU88889

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46955

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU91058

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47378

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_rdma_free_queue(), nvme_rdma_conn_established(), nvme_rdma_route_resolved() and nvme_rdma_cm_handler() functions in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU91390

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47383

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vc_do_resize() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU90142

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47402

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU89680

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48651

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU75448

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-1829

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

7) Race condition

EUVDB-ID: #VU85022

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6531

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition when the unix garbage collector's deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Race condition

EUVDB-ID: #VU85241

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6546

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the GSM 0710 tty multiplexor in the Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU89679

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26610

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the iwl_dbg_tlv_override_trig_node() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Integer underflow

EUVDB-ID: #VU91674

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26828

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU90194

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26852

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper locking

EUVDB-ID: #VU92035

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26923

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU89672

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27398

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU92212

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35950

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 42 for SLE 15 SP3) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-preempt: before 7-150300.7.6.1

kernel-livepatch-SLE15-SP3_Update_42-debugsource: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default: before 7-150300.7.6.1

kernel-livepatch-5_3_18-150300_59_153-default-debuginfo: before 7-150300.7.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243034-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###