SUSE update for the Linux Kernel
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2021-47069 CVE-2022-48911 CVE-2022-48945 CVE-2024-36971 CVE-2024-41087 CVE-2024-44946 CVE-2024-45003 CVE-2024-45021 CVE-2024-46695 CVE-2024-46774 |
| CWE-ID | CWE-400 CWE-416 CWE-119 CWE-415 CWE-665 CWE-667 |
| Exploitation vector | Local |
| Public exploit |
Vulnerability #4 is being exploited in the wild. Public exploit code for vulnerability #6 is available. |
| Vulnerable software |
SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 Business Critical Linux Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system reiserfs-kmp-default Operating systems & Components / Operating system package or component reiserfs-kmp-default-debuginfo Operating systems & Components / Operating system package or component kernel-docs Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-preempt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-preempt-devel Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component kernel-obs-build Operating systems & Components / Operating system package or component kernel-preempt-debuginfo Operating systems & Components / Operating system package or component kernel-preempt-debugsource Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component kernel-obs-build-debugsource Operating systems & Components / Operating system package or component kernel-preempt Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component kernel-default-livepatch-devel Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-livepatch Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_206-default Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_53-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_206-default-debuginfo Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU92484
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47069
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error within the IPC implementation in Linux kernel. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU96410
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48911
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_queue_entry_dup() function in net/netfilter/nfnetlink_queue.c, within the nf_queue_entry_release_refs(), nf_queue_entry_get_refs() and __nf_queue() functions in net/netfilter/nf_queue.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU97681
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48945
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the vivid_vid_cap_s_selection() function in drivers/media/platform/vivid/vivid-vid-cap.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU91597
Risk: Critical
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2024-36971
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.
Note, the vulnerability is being actively exploited in the wild.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
5) Double free
EUVDB-ID: #VU95008
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41087
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ata_host_alloc() function in drivers/ata/libata-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use-after-free
EUVDB-ID: #VU96658
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2024-44946
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
7) Use-after-free
EUVDB-ID: #VU96843
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45003
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the inode_lru_list_del(), evict() and inode_lru_isolate() functions in fs/inode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Initialization
EUVDB-ID: #VU97184
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45021
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the memcg_write_event_control() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper locking
EUVDB-ID: #VU97268
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46695
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smack_inode_notifysecctx() function in security/smack/smack_lsm.c, within the selinux_inode_notifysecctx() function in security/selinux/hooks.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Buffer overflow
EUVDB-ID: #VU97563
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46774
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYSCALL_DEFINE1() function in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default: before 5.3.18-150200.24.206.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-docs: before 5.3.18-150200.24.206.1
kernel-macros: before 5.3.18-150200.24.206.1
kernel-source: before 5.3.18-150200.24.206.1
kernel-devel: before 5.3.18-150200.24.206.1
kernel-syms: before 5.3.18-150200.24.206.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-devel: before 5.3.18-150200.24.206.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-devel: before 5.3.18-150200.24.206.1
kernel-obs-build: before 5.3.18-150200.24.206.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.206.1
kernel-preempt-debugsource: before 5.3.18-150200.24.206.1
kernel-default-base: before 5.3.18-150200.24.206.1.150200.9.107.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.206.1
kernel-preempt: before 5.3.18-150200.24.206.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
dlm-kmp-default: before 5.3.18-150200.24.206.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
cluster-md-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default: before 5.3.18-150200.24.206.1
gfs2-kmp-default: before 5.3.18-150200.24.206.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-debugsource: before 5.3.18-150200.24.206.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.206.1
kernel-default-debuginfo: before 5.3.18-150200.24.206.1
kernel-default-livepatch: before 5.3.18-150200.24.206.1
kernel-livepatch-5_3_18-150200_24_206-default: before 1-150200.5.3.1
kernel-livepatch-SLE15-SP2_Update_53-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_206-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.206.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_53-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_206-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
