SUSE update for the Linux Kernel
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 130 |
| CVE-ID | CVE-2022-48901 CVE-2022-48911 CVE-2022-48923 CVE-2022-48935 CVE-2022-48944 CVE-2022-48945 CVE-2023-52610 CVE-2023-52916 CVE-2024-26640 CVE-2024-26759 CVE-2024-26767 CVE-2024-26804 CVE-2024-26837 CVE-2024-37353 CVE-2024-38538 CVE-2024-38596 CVE-2024-38632 CVE-2024-40910 CVE-2024-40973 CVE-2024-40983 CVE-2024-41062 CVE-2024-41082 CVE-2024-42154 CVE-2024-42259 CVE-2024-42265 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-43828 CVE-2024-43835 CVE-2024-43890 CVE-2024-43898 CVE-2024-43912 CVE-2024-43914 CVE-2024-44935 CVE-2024-44944 CVE-2024-44946 CVE-2024-44948 CVE-2024-44950 CVE-2024-44952 CVE-2024-44954 CVE-2024-44967 CVE-2024-44969 CVE-2024-44970 CVE-2024-44971 CVE-2024-44972 CVE-2024-44977 CVE-2024-44982 CVE-2024-44986 CVE-2024-44987 CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44998 CVE-2024-44999 CVE-2024-45000 CVE-2024-45001 CVE-2024-45003 CVE-2024-45006 CVE-2024-45007 CVE-2024-45008 CVE-2024-45011 CVE-2024-45013 CVE-2024-45015 CVE-2024-45018 CVE-2024-45020 CVE-2024-45021 CVE-2024-45026 CVE-2024-45028 CVE-2024-45029 CVE-2024-46673 CVE-2024-46674 CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685 CVE-2024-46686 CVE-2024-46689 CVE-2024-46694 CVE-2024-46702 CVE-2024-46707 CVE-2024-46714 CVE-2024-46715 CVE-2024-46717 CVE-2024-46720 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46726 CVE-2024-46727 CVE-2024-46728 CVE-2024-46730 CVE-2024-46731 CVE-2024-46732 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745 CVE-2024-46746 CVE-2024-46747 CVE-2024-46750 CVE-2024-46751 CVE-2024-46752 CVE-2024-46753 CVE-2024-46755 CVE-2024-46756 CVE-2024-46758 CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46772 CVE-2024-46773 CVE-2024-46774 CVE-2024-46778 CVE-2024-46780 CVE-2024-46781 CVE-2024-46783 CVE-2024-46784 CVE-2024-46786 CVE-2024-46787 CVE-2024-46791 CVE-2024-46794 CVE-2024-46798 CVE-2024-46822 CVE-2024-46830 |
| CWE-ID | CWE-667 CWE-416 CWE-119 CWE-20 CWE-401 CWE-399 CWE-362 CWE-835 CWE-908 CWE-366 CWE-476 CWE-388 CWE-843 CWE-125 CWE-665 CWE-369 CWE-682 CWE-191 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #37 is available. |
| Vulnerable software Subscribe |
openSUSE Leap Micro Operating systems & Components / Operating system SUSE Linux Enterprise Micro Operating systems & Components / Operating system SUSE Real Time Module Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system kernel-rt Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt-extra-debuginfo Operating systems & Components / Operating system package or component kernel-rt-extra Operating systems & Components / Operating system package or component kernel-rt_debug-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-vdso Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-livepatch-devel Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component reiserfs-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-vdso Operating systems & Components / Operating system package or component reiserfs-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-vdso-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional-debuginfo Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt-optional Operating systems & Components / Operating system package or component kernel-rt_debug-livepatch-devel Operating systems & Components / Operating system package or component kernel-livepatch-5_14_21-150500_13_73-rt Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kselftests-kmp-rt Operating systems & Components / Operating system package or component kernel-rt-livepatch Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component kselftests-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 130 vulnerabilities.
1) Improper locking
EUVDB-ID: #VU96434
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48901
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_maybe_wake_unfinished_drop() and btrfs_add_dead_root() functions in fs/btrfs/transaction.c, within the btrfs_find_orphan_roots() function in fs/btrfs/root-tree.c, within the btrfs_relocate_block_group() function in fs/btrfs/relocation.c, within the btrfs_drop_snapshot() and btrfs_free_path() functions in fs/btrfs/extent-tree.c, within the open_ctree() and close_ctree() functions in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU96410
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48911
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nf_queue_entry_dup() function in net/netfilter/nfnetlink_queue.c, within the nf_queue_entry_release_refs(), nf_queue_entry_get_refs() and __nf_queue() functions in net/netfilter/nf_queue.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU96443
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48923
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the lzo_decompress_bio() function in fs/btrfs/lzo.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU96409
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48935
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __nft_release_table() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU96648
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48944
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tg_nop(), sched_fork(), sched_post_fork(), set_user_nice(), __setscheduler_params() and sched_init() functions in kernel/sched/core.c, within the copy_process() function in kernel/fork.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU97681
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48945
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the vivid_vid_cap_s_selection() function in drivers/media/platform/vivid/vivid-vid-cap.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Memory leak
EUVDB-ID: #VU89382
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52610
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in net/sched/act_ct.c. A local user can force the kernel to leak memory and perform denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource management error
EUVDB-ID: #VU96935
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52916
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aspeed_video_get_resolution() and aspeed_video_set_resolution() functions in drivers/media/platform/aspeed/aspeed-video.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Resource management error
EUVDB-ID: #VU89397
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26640
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the skb_advance_to_frag() function in net/ipv4/tcp.c. A remote attacker can send specially crafted data to the system and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Race condition
EUVDB-ID: #VU91479
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26759
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the swapcache_prepare() function in mm/swapfile.c, within the do_swap_page() and folio_unlock() functions in mm/memory.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Infinite loop
EUVDB-ID: #VU91415
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26767
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the link_validate_dpia_bandwidth() function in drivers/gpu/drm/amd/display/dc/link/link_validation.c, within the get_firmware_info_v3_2(), get_integrated_info_v11(), get_integrated_info_v2_1() and get_integrated_info_v2_2() functions in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU90212
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26804
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper locking
EUVDB-ID: #VU92039
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26837
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the switchdev_obj_eq() and switchdev_port_obj_del() functions in net/switchdev/switchdev.c, within the br_switchdev_mdb_replay_one() and br_switchdev_mdb_replay() functions in net/bridge/br_switchdev.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Resource management error
EUVDB-ID: #VU93179
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-37353
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vp_find_vqs_msix() function in drivers/virtio/virtio_pci_common.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Use of uninitialized resource
EUVDB-ID: #VU92373
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38538
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and br_dev_xmit() functions in net/bridge/br_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Race condition within a thread
EUVDB-ID: #VU92380
Risk: Low
CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38596
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the unix_stream_sendmsg() function in net/unix/af_unix.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Memory leak
EUVDB-ID: #VU93020
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38632
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vfio_intx_enable() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Memory leak
EUVDB-ID: #VU94203
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-40910
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ax25_accept() function in net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) NULL pointer dereference
EUVDB-ID: #VU94241
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-40973
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_vcodec_fw_scp_init() function in drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Resource management error
EUVDB-ID: #VU94304
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-40983
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tipc_rcv() function in net/tipc/node.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) NULL pointer dereference
EUVDB-ID: #VU94977
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41062
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the l2cap_sock_kill(), l2cap_sock_new_connection_cb() and l2cap_sock_recv_cb() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Resource management error
EUVDB-ID: #VU95073
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-41082
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nvmf_reg_read32(), nvmf_reg_read64() and nvmf_reg_write32() functions in drivers/nvme/host/fabrics.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Input validation error
EUVDB-ID: #VU95093
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42154
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sizeof() function in net/ipv4/tcp_metrics.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Buffer overflow
EUVDB-ID: #VU96008
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42259
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the i915_error_to_vmf_fault() and vm_fault_gtt() functions in drivers/gpu/drm/i915/gem/i915_gem_mman.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Input validation error
EUVDB-ID: #VU96203
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42265
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __releases() function in fs/file.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper error handling
EUVDB-ID: #VU96164
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42304
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __ext4_read_dirblock(), ext4_empty_dir() and ext4_get_first_dir_block() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Resource management error
EUVDB-ID: #VU96182
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42305
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the add_dirent_to_buf() and make_indexed_dir() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Buffer overflow
EUVDB-ID: #VU96184
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-42306
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the udf_sb_free_bitmap() function in fs/udf/super.c, within the read_block_bitmap() and __load_block_bitmap() functions in fs/udf/balloc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Use of uninitialized resource
EUVDB-ID: #VU96169
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-43828
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ext4_es_find_extent_range() function in fs/ext4/extents_status.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Improper locking
EUVDB-ID: #VU96148
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-43835
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtnet_receive(), virtnet_poll_cleantx(), virtnet_poll() and virtnet_poll_tx() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Buffer overflow
EUVDB-ID: #VU96544
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-43890
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the get_free_elt(), tracing_map_clear() and tracing_map_create() functions in kernel/trace/tracing_map.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) NULL pointer dereference
EUVDB-ID: #VU96533
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-43898
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ext4_da_do_write_end() function in fs/ext4/inode.c, within the __block_commit_write() function in fs/buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Input validation error
EUVDB-ID: #VU96548
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-43912
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __nl80211_set_channel() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Input validation error
EUVDB-ID: #VU96542
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-43914
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the reshape_request() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) NULL pointer dereference
EUVDB-ID: #VU96522
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44935
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __sctp_hash_endpoint() and __sctp_unhash_endpoint() functions in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Type Confusion
EUVDB-ID: #VU96639
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44944
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Use-after-free
EUVDB-ID: #VU96658
Risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-44946
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
38) Input validation error
EUVDB-ID: #VU96889
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44948
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mtrr_save_state() function in arch/x86/kernel/cpu/mtrr/mtrr.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Resource management error
EUVDB-ID: #VU96875
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44950
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sc16is7xx_set_baud() function in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Improper locking
EUVDB-ID: #VU96857
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44952
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_driver_name() and module_remove_driver() functions in drivers/base/module.c, within the dev_uevent() and uevent_show() functions in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Improper locking
EUVDB-ID: #VU96859
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44954
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the line6_data_received() function in sound/usb/line6/driver.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Input validation error
EUVDB-ID: #VU96890
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44967
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mga_i2c_read_gpio(), mga_gpio_getscl() and mgag200_i2c_init() functions in drivers/gpu/drm/mgag200/mgag200_i2c.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Buffer overflow
EUVDB-ID: #VU96885
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44969
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the sclp_sd_store_data() function in drivers/s390/char/sclp_sd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Buffer overflow
EUVDB-ID: #VU96876
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44970
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/ethernet/mellanox/mlx5/core/en_rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Memory leak
EUVDB-ID: #VU96832
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44971
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_sf2_mdio_register() function in drivers/net/dsa/bcm_sf2.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Memory leak
EUVDB-ID: #VU96833
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44972
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the extent_write_locked_range() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Out-of-bounds read
EUVDB-ID: #VU96844
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44977
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ta_if_load_debugfs_write() function in drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Memory leak
EUVDB-ID: #VU96828
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44982
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dpu_plane_prepare_fb() function in drivers/gpu/drm/msm/disp/dpu1/dpu_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Use-after-free
EUVDB-ID: #VU96838
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44986
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_finish_output2() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Use-after-free
EUVDB-ID: #VU96839
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44987
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_send_skb() function in net/ipv6/ip6_output.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Out-of-bounds read
EUVDB-ID: #VU96845
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44988
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mv88e6xxx_g1_atu_prob_irq_thread_fn() function in drivers/net/dsa/mv88e6xxx/global1_atu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) NULL pointer dereference
EUVDB-ID: #VU96847
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44989
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_ipsec_del_sa_all() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) NULL pointer dereference
EUVDB-ID: #VU96848
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44990
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bond_ipsec_offload_ok() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Use-after-free
EUVDB-ID: #VU96842
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44998
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dequeue_rx() function in drivers/atm/idt77252.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Use of uninitialized resource
EUVDB-ID: #VU96870
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-44999
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the gtp_dev_xmit() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) NULL pointer dereference
EUVDB-ID: #VU96850
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45000
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the spin_lock() function in fs/fscache/cookie.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Resource management error
EUVDB-ID: #VU96874
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45001
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Use-after-free
EUVDB-ID: #VU96843
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45003
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the inode_lru_list_del(), evict() and inode_lru_isolate() functions in fs/inode.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) NULL pointer dereference
EUVDB-ID: #VU96852
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45006
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_configure_endpoint() and xhci_setup_device() functions in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Input validation error
EUVDB-ID: #VU96888
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45007
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the MODULE_LICENSE(), cleanup_dev(), report_io_error() and xillyusb_init() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Buffer overflow
EUVDB-ID: #VU96883
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45008
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the input_mt_init_slots() function in drivers/input/input-mt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Input validation error
EUVDB-ID: #VU97195
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45011
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the xillyusb_setup_base_eps() and setup_channels() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Use-after-free
EUVDB-ID: #VU97168
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45013
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_stop_ctrl() and EXPORT_SYMBOL_GPL() functions in drivers/nvme/host/core.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) NULL pointer dereference
EUVDB-ID: #VU97171
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45015
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpu_encoder_virt_atomic_mode_set() and dpu_encoder_virt_atomic_enable() functions in drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Use of uninitialized resource
EUVDB-ID: #VU97182
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45018
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nf_flow_offload_tuple() function in net/netfilter/nf_flow_table_offload.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Out-of-bounds read
EUVDB-ID: #VU97170
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45020
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stacksafe() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Improper Initialization
EUVDB-ID: #VU97184
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45021
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the memcg_write_event_control() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Buffer overflow
EUVDB-ID: #VU97188
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45026
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dasd_eckd_analysis_ccw(), dasd_eckd_build_check_tcw(), dasd_eckd_build_cp_cmd_single(), dasd_eckd_build_cp_tpm_track() and dasd_eckd_dump_sense() functions in drivers/s390/block/dasd_eckd.c, within the dasd_3990_erp_file_prot() function in drivers/s390/block/dasd_3990_erp.c, within the dasd_ese_needs_format(), dasd_int_handler() and list_for_each_entry_safe() functions in drivers/s390/block/dasd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) NULL pointer dereference
EUVDB-ID: #VU97173
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45028
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtf_test_write() function in drivers/mmc/core/mmc_test.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Improper locking
EUVDB-ID: #VU97180
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-45029
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tegra_i2c_probe() function in drivers/i2c/busses/i2c-tegra.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Use-after-free
EUVDB-ID: #VU97251
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46673
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aac_init_adapter() function in drivers/scsi/aacraid/comminit.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Use-after-free
EUVDB-ID: #VU97252
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46674
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the st_dwc3_probe() and reset_control_assert() functions in drivers/usb/dwc3/dwc3-st.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Buffer overflow
EUVDB-ID: #VU97287
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46675
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dwc3_event_buffers_setup() function in drivers/usb/dwc3/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Division by zero
EUVDB-ID: #VU97276
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46676
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the pn533_start_poll() function in drivers/nfc/pn533/pn533.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) NULL pointer dereference
EUVDB-ID: #VU97257
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46677
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gtp_encap_enable_socket() function in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Input validation error
EUVDB-ID: #VU97269
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46679
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the speed_show() function in net/core/net-sysfs.c, within the __ethtool_get_link_ksettings() function in net/core/ethtool.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) NULL pointer dereference
EUVDB-ID: #VU97259
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46685
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pcs_get_function() function in drivers/pinctrl/pinctrl-single.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) NULL pointer dereference
EUVDB-ID: #VU97260
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46686
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smb2_new_read_req() function in fs/smb/client/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Infinite loop
EUVDB-ID: #VU97279
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46689
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the cmd_db_dev_probe() function in drivers/soc/qcom/cmd-db.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Improper error handling
EUVDB-ID: #VU97273
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46694
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dm_plane_helper_prepare_fb() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Improper locking
EUVDB-ID: #VU97264
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46702
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tb_switch_remove() function in drivers/thunderbolt/switch.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) NULL pointer dereference
EUVDB-ID: #VU97256
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46707
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the access_gic_sgi() function in arch/arm64/kvm/sys_regs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Improper error handling
EUVDB-ID: #VU97548
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46714
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the wbscl_set_scaler_filter() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_dwb_scl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) NULL pointer dereference
EUVDB-ID: #VU97531
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46715
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL(), iio_channel_read() and iio_channel_read_avail() functions in drivers/iio/inkern.c, within the iio_ev_state_store(), iio_ev_state_show() and iio_ev_value_show() functions in drivers/iio/industrialio-event.c, within the iio_read_channel_info() and iio_read_channel_info_avail() functions in drivers/iio/industrialio-core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Input validation error
EUVDB-ID: #VU97571
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46717
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_handle_rx_cqe_mpwrq_shampo() function in drivers/net/ethernet/mellanox/mlx5/core/en_rx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) NULL pointer dereference
EUVDB-ID: #VU97533
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46720
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_device_gpu_recover() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) NULL pointer dereference
EUVDB-ID: #VU97532
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46721
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __aafs_profile_mkdir() function in security/apparmor/apparmorfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Out-of-bounds read
EUVDB-ID: #VU97508
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46722
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_atombios_init_mc_reg_table() function in drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Out-of-bounds read
EUVDB-ID: #VU97509
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46723
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_cgs_get_firmware_info() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) Out-of-bounds read
EUVDB-ID: #VU97510
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46724
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the df_v1_7_get_hbm_channel_number() function in drivers/gpu/drm/amd/amdgpu/df_v1_7.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Out-of-bounds read
EUVDB-ID: #VU97511
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46725
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_ring_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Buffer overflow
EUVDB-ID: #VU97557
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46726
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dcn_bw_update_from_pplib_fclks() function in drivers/gpu/drm/amd/display/dc/dml/calcs/dcn_calcs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) Improper error handling
EUVDB-ID: #VU97549
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46727
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the resource_log_pipe_topology_update() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) Buffer overflow
EUVDB-ID: #VU97558
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46728
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the configure_lttpr_mode_non_transparent() function in drivers/gpu/drm/amd/display/dc/link/protocols/link_dp_training.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) Resource management error
EUVDB-ID: #VU97559
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46730
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the acquire_otg_master_pipe_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Out-of-bounds read
EUVDB-ID: #VU97512
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46731
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the atomctrl_retrieve_ac_timing() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Division by zero
EUVDB-ID: #VU97555
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46732
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the dc_create() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) NULL pointer dereference
EUVDB-ID: #VU97529
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46737
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nvmet_tcp_install_queue() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Use-after-free
EUVDB-ID: #VU97491
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46738
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vmci_resource_remove() function in drivers/misc/vmw_vmci/vmci_resource.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
100) NULL pointer dereference
EUVDB-ID: #VU97528
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46739
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hv_uio_channel_cb() function in drivers/uio/uio_hv_generic.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
101) Out-of-bounds read
EUVDB-ID: #VU97503
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46743
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the of_irq_parse_one() function in drivers/of/irq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
102) Input validation error
EUVDB-ID: #VU97540
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46744
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_read_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
103) Use-after-free
EUVDB-ID: #VU97493
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46745
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uinput_validate_absinfo() function in drivers/input/misc/uinput.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
104) Use-after-free
EUVDB-ID: #VU97494
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46746
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the amdtp_hid_remove() function in drivers/hid/amd-sfh-hid/amd_sfh_hid.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
105) Out-of-bounds read
EUVDB-ID: #VU97504
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46747
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cougar_fix_g6_mapping() function in drivers/hid/hid-cougar.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
106) Improper locking
EUVDB-ID: #VU97539
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46750
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pci_bus_lock(), pci_bus_unlock(), pci_bus_trylock(), list_for_each_entry_continue_reverse(), pci_slot_lock() and pci_slot_trylock() functions in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
107) Incorrect calculation
EUVDB-ID: #VU97561
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46751
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the btrfs_item_ptr() and spin_lock() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
108) Improper error handling
EUVDB-ID: #VU97543
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46752
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the update_ref_for_cow() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
109) Improper error handling
EUVDB-ID: #VU97544
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46753
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the walk_up_proc() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
110) NULL pointer dereference
EUVDB-ID: #VU97525
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46755
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/wireless/marvell/mwifiex/main.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
111) Integer underflow
EUVDB-ID: #VU97551
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46756
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the store_target_temp() and store_tolerance() functions in drivers/hwmon/w83627ehf.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
112) Integer underflow
EUVDB-ID: #VU97553
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46758
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the set_tcrit2(), set_tcrit1(), set_tcrit1_hyst() and set_offset() functions in drivers/hwmon/lm95234.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
113) Integer underflow
EUVDB-ID: #VU97554
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46759
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the adc128_set_in() and adc128_set_temp() functions in drivers/hwmon/adc128d818.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
114) NULL pointer dereference
EUVDB-ID: #VU97513
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46761
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pnv_php_disable_irq() function in drivers/pci/hotplug/pnv_php.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
115) Memory leak
EUVDB-ID: #VU97485
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46771
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bcm_notify() function in net/can/bcm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
116) Input validation error
EUVDB-ID: #VU97567
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46772
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dcn315_populate_dml_pipes_from_context() function in drivers/gpu/drm/amd/display/dc/resource/dcn315/dcn315_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
117) Input validation error
EUVDB-ID: #VU97565
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46773
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dm_update_mst_vcpi_slots_for_dsc() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
118) Buffer overflow
EUVDB-ID: #VU97563
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46774
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYSCALL_DEFINE1() function in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
119) NULL pointer dereference
EUVDB-ID: #VU97519
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46778
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the CalculateSwathAndDETConfiguration() function in drivers/gpu/drm/amd/display/dc/dml2/display_mode_core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
120) Buffer overflow
EUVDB-ID: #VU97564
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46780
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_dev_revision_show(), nilfs_dev_device_size_show(), nilfs_dev_uuid_show() and nilfs_dev_volume_name_show() functions in fs/nilfs2/sysfs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
121) Use-after-free
EUVDB-ID: #VU97495
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46781
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_finish_roll_forward() and nilfs_salvage_orphan_logs() functions in fs/nilfs2/recovery.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
122) Improper error handling
EUVDB-ID: #VU97546
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46783
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sk_stream_error() function in net/ipv4/tcp_bpf.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
123) Improper error handling
EUVDB-ID: #VU97547
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46784
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mana_destroy_txq(), mana_create_txq() and mana_destroy_rxq() functions in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
124) Use-after-free
EUVDB-ID: #VU97497
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46786
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fscache_exit() function in fs/fscache/main.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
125) Improper locking
EUVDB-ID: #VU97536
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46787
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pmdp_get_lockless() function in mm/userfaultfd.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
126) Improper locking
EUVDB-ID: #VU97535
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46791
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mcp251x_hw_wake() function in drivers/net/can/spi/mcp251x.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
127) Memory leak
EUVDB-ID: #VU97489
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46794
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mmio_read() function in arch/x86/coco/tdx/tdx.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
128) Use-after-free
EUVDB-ID: #VU97500
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46798
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_soc_dai_link_event() function in sound/soc/soc-dapm.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
129) NULL pointer dereference
EUVDB-ID: #VU97798
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46822
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arch/arm64/include/asm/acpi.h. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
130) Improper locking
EUVDB-ID: #VU97804
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46830
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kvm_arch_vcpu_ioctl() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsopenSUSE Leap Micro: 5.5
SUSE Linux Enterprise Micro: 5.5
SUSE Real Time Module: 15-SP5
SUSE Linux Enterprise Live Patching: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
kernel-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug: before 5.14.21-150500.13.73.1
kernel-rt-extra-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-extra: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-vdso: before 5.14.21-150500.13.73.1
kernel-rt_debug-debugsource: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
gfs2-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel: before 5.14.21-150500.13.73.1
cluster-md-kmp-rt: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-vdso: before 5.14.21-150500.13.73.1
reiserfs-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-optional-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel: before 5.14.21-150500.13.73.1
kernel-rt-debugsource: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo: before 1-150500.11.3.1
kernel-rt-optional: before 5.14.21-150500.13.73.1
kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.73.1
kernel-livepatch-5_14_21-150500_13_73-rt: before 1-150500.11.3.1
kernel-rt_debug-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt-devel-debuginfo: before 5.14.21-150500.13.73.1
kselftests-kmp-rt: before 5.14.21-150500.13.73.1
kernel-rt-livepatch: before 5.14.21-150500.13.73.1
gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt: before 5.14.21-150500.13.73.1
kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.73.1
kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.73.1
kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource: before 1-150500.11.3.1
kernel-syms-rt: before 5.14.21-150500.13.73.1
kernel-devel-rt: before 5.14.21-150500.13.73.1
kernel-source-rt: before 5.14.21-150500.13.73.1
CPE2.3- cpe:2.3:o:suse:opensuse_leap_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_micro:5.5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_real_time_module:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243592-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
