SUSE update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)



Risk Medium
Patch available YES
Number of vulnerabilities 23
CVE-ID CVE-2021-46955
CVE-2021-47291
CVE-2021-47378
CVE-2021-47383
CVE-2021-47402
CVE-2021-47598
CVE-2021-47600
CVE-2022-48651
CVE-2023-1829
CVE-2023-52752
CVE-2023-6531
CVE-2023-6546
CVE-2024-23307
CVE-2024-26828
CVE-2024-26852
CVE-2024-26923
CVE-2024-27398
CVE-2024-35861
CVE-2024-35862
CVE-2024-35864
CVE-2024-35950
CVE-2024-36964
CVE-2024-41059
CWE-ID CWE-125
CWE-416
CWE-362
CWE-190
CWE-191
CWE-667
CWE-269
CWE-908
Exploitation vector Network
Public exploit Public exploit code for vulnerability #9 is available.
Vulnerable software
SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP2_Update_46-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150200_24_183-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 23 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU88889

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46955

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU90293

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47291

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ip6_route_info_create() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU91058

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47378

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_rdma_free_queue(), nvme_rdma_conn_established(), nvme_rdma_route_resolved() and nvme_rdma_cm_handler() functions in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU91390

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47383

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vc_do_resize() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU90142

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47402

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU92302

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47598

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cake_init() function in net/sched/sch_cake.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU92303

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rebalance_children() function in drivers/md/persistent-data/dm-btree-remove.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU89680

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48651

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU75448

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-1829

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

10) Use-after-free

EUVDB-ID: #VU90068

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Race condition

EUVDB-ID: #VU85022

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6531

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition when the unix garbage collector's deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Race condition

EUVDB-ID: #VU85241

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6546

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in the GSM 0710 tty multiplexor in the Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Integer underflow

EUVDB-ID: #VU91674

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26828

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU90194

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26852

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Improper locking

EUVDB-ID: #VU92035

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26923

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU89672

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27398

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU90150

Risk: Medium

CVSSv3.1: 5 [AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35861

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90152

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35862

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU90149

Risk: Medium

CVSSv3.1: 5 [AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35864

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU92212

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35950

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Improper privilege management

EUVDB-ID: #VU93734

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36964

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use of uninitialized resource

EUVDB-ID: #VU95033

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41059

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel (Live Patch 46 for SLE 15 SP2) to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

kernel-livepatch-5_3_18-150200_24_183-default-debuginfo: before 9-150200.5.6.1

kernel-livepatch-SLE15-SP2_Update_46-debugsource: before 9-150200.5.6.1

kernel-livepatch-5_3_18-150200_24_183-default: before 9-150200.5.6.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243803-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###