SUSE update for the Linux Kernel



| Updated: 2025-03-03
Risk Low
Patch available YES
Number of vulnerabilities 257
CVE-ID CVE-2023-52489
CVE-2023-52923
CVE-2024-26810
CVE-2024-36476
CVE-2024-39282
CVE-2024-43913
CVE-2024-45828
CVE-2024-46858
CVE-2024-46896
CVE-2024-47141
CVE-2024-47143
CVE-2024-47809
CVE-2024-48873
CVE-2024-48881
CVE-2024-49569
CVE-2024-49948
CVE-2024-49951
CVE-2024-49978
CVE-2024-49998
CVE-2024-50051
CVE-2024-50106
CVE-2024-50151
CVE-2024-50199
CVE-2024-50251
CVE-2024-50258
CVE-2024-50299
CVE-2024-50304
CVE-2024-52332
CVE-2024-53091
CVE-2024-53095
CVE-2024-53164
CVE-2024-53168
CVE-2024-53170
CVE-2024-53172
CVE-2024-53175
CVE-2024-53185
CVE-2024-53187
CVE-2024-53194
CVE-2024-53195
CVE-2024-53196
CVE-2024-53197
CVE-2024-53198
CVE-2024-53203
CVE-2024-53227
CVE-2024-53230
CVE-2024-53231
CVE-2024-53232
CVE-2024-53233
CVE-2024-53236
CVE-2024-53239
CVE-2024-53685
CVE-2024-53690
CVE-2024-54680
CVE-2024-55639
CVE-2024-55881
CVE-2024-55916
CVE-2024-56369
CVE-2024-56372
CVE-2024-56531
CVE-2024-56532
CVE-2024-56533
CVE-2024-56538
CVE-2024-56543
CVE-2024-56546
CVE-2024-56548
CVE-2024-56557
CVE-2024-56558
CVE-2024-56568
CVE-2024-56569
CVE-2024-56570
CVE-2024-56571
CVE-2024-56572
CVE-2024-56573
CVE-2024-56574
CVE-2024-56575
CVE-2024-56577
CVE-2024-56578
CVE-2024-56584
CVE-2024-56587
CVE-2024-56588
CVE-2024-56589
CVE-2024-56590
CVE-2024-56592
CVE-2024-56593
CVE-2024-56594
CVE-2024-56595
CVE-2024-56596
CVE-2024-56597
CVE-2024-56598
CVE-2024-56600
CVE-2024-56601
CVE-2024-56602
CVE-2024-56603
CVE-2024-56606
CVE-2024-56607
CVE-2024-56608
CVE-2024-56609
CVE-2024-56610
CVE-2024-56611
CVE-2024-56614
CVE-2024-56615
CVE-2024-56616
CVE-2024-56617
CVE-2024-56619
CVE-2024-56620
CVE-2024-56622
CVE-2024-56623
CVE-2024-56625
CVE-2024-56629
CVE-2024-56630
CVE-2024-56631
CVE-2024-56632
CVE-2024-56634
CVE-2024-56635
CVE-2024-56636
CVE-2024-56637
CVE-2024-56641
CVE-2024-56642
CVE-2024-56643
CVE-2024-56644
CVE-2024-56648
CVE-2024-56649
CVE-2024-56650
CVE-2024-56651
CVE-2024-56654
CVE-2024-56656
CVE-2024-56658
CVE-2024-56659
CVE-2024-56660
CVE-2024-56661
CVE-2024-56662
CVE-2024-56663
CVE-2024-56664
CVE-2024-56665
CVE-2024-56670
CVE-2024-56672
CVE-2024-56675
CVE-2024-56677
CVE-2024-56678
CVE-2024-56679
CVE-2024-56681
CVE-2024-56683
CVE-2024-56687
CVE-2024-56688
CVE-2024-56690
CVE-2024-56691
CVE-2024-56693
CVE-2024-56694
CVE-2024-56698
CVE-2024-56700
CVE-2024-56701
CVE-2024-56704
CVE-2024-56705
CVE-2024-56707
CVE-2024-56708
CVE-2024-56709
CVE-2024-56712
CVE-2024-56715
CVE-2024-56716
CVE-2024-56722
CVE-2024-56723
CVE-2024-56724
CVE-2024-56725
CVE-2024-56726
CVE-2024-56727
CVE-2024-56728
CVE-2024-56729
CVE-2024-56739
CVE-2024-56741
CVE-2024-56745
CVE-2024-56746
CVE-2024-56747
CVE-2024-56748
CVE-2024-56759
CVE-2024-56760
CVE-2024-56763
CVE-2024-56765
CVE-2024-56766
CVE-2024-56767
CVE-2024-56769
CVE-2024-56774
CVE-2024-56775
CVE-2024-56776
CVE-2024-56777
CVE-2024-56778
CVE-2024-56779
CVE-2024-56780
CVE-2024-56787
CVE-2024-57791
CVE-2024-57792
CVE-2024-57793
CVE-2024-57795
CVE-2024-57798
CVE-2024-57801
CVE-2024-57802
CVE-2024-57804
CVE-2024-57809
CVE-2024-57838
CVE-2024-57849
CVE-2024-57850
CVE-2024-57857
CVE-2024-57874
CVE-2024-57876
CVE-2024-57882
CVE-2024-57884
CVE-2024-57887
CVE-2024-57888
CVE-2024-57890
CVE-2024-57892
CVE-2024-57893
CVE-2024-57896
CVE-2024-57897
CVE-2024-57899
CVE-2024-57903
CVE-2024-57904
CVE-2024-57906
CVE-2024-57907
CVE-2024-57908
CVE-2024-57910
CVE-2024-57911
CVE-2024-57912
CVE-2024-57913
CVE-2024-57915
CVE-2024-57916
CVE-2024-57917
CVE-2024-57922
CVE-2024-57926
CVE-2024-57929
CVE-2024-57931
CVE-2024-57932
CVE-2024-57933
CVE-2024-57935
CVE-2024-57936
CVE-2024-57938
CVE-2024-57940
CVE-2024-57946
CVE-2025-21632
CVE-2025-21645
CVE-2025-21646
CVE-2025-21649
CVE-2025-21650
CVE-2025-21651
CVE-2025-21652
CVE-2025-21653
CVE-2025-21655
CVE-2025-21656
CVE-2025-21662
CVE-2025-21663
CVE-2025-21664
CVE-2025-21666
CVE-2025-21669
CVE-2025-21670
CVE-2025-21674
CVE-2025-21675
CVE-2025-21676
CVE-2025-21678
CVE-2025-21682
CWE-ID CWE-362
CWE-667
CWE-476
CWE-399
CWE-401
CWE-416
CWE-20
CWE-125
CWE-682
CWE-119
CWE-388
CWE-787
CWE-191
CWE-369
CWE-415
CWE-617
CWE-908
CWE-190
CWE-269
CWE-835
Exploitation vector Local
Public exploit Public exploit code for vulnerability #24 is available.
Vulnerability #41 is being exploited in the wild.
Vulnerable software
 SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Workstation Extension 15
Operating systems & Components / Operating system

Legacy Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

Development Tools Module
Operating systems & Components / Operating system

Basesystem Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

dtb-amazon
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-apple
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP6_Update_8-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-6_4_0-150600_23_38-default
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-vdso
Operating systems & Components / Operating system package or component

kernel-default-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-vdso
Operating systems & Components / Operating system package or component

kernel-default-vdso
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 257 vulnerabilities.

1) Race condition

EUVDB-ID: #VU89388

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52489

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the section_deactivate() function in mm/sparse.c. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper locking

EUVDB-ID: #VU103086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52923

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nft_rbtree_cmp(), __nft_rbtree_lookup(), nft_rbtree_get(), nft_rbtree_gc_elem(), nft_rbtree_activate(), nft_rbtree_flush() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_drop(), pipapo_gc() and nft_pipapo_activate() functions in net/netfilter/nft_set_pipapo.c, within the nft_rhash_cmp(), nft_rhash_activate(), nft_rhash_flush(), nft_rhash_deactivate(), nft_rhash_gc() and nft_rhash_destroy() functions in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper locking

EUVDB-ID: #VU91318

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26810

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_pci_intx_mask(), vfio_pci_intx_unmask_handler(), vfio_pci_set_intx_unmask() and vfio_pci_set_intx_mask() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU102920

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36476

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the send_io_resp_imm() function in drivers/infiniband/ulp/rtrs/rtrs-srv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource management error

EUVDB-ID: #VU102972

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39282

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the t7xx_fsm_broadcast_state(), fsm_main_thread() and t7xx_fsm_append_cmd() functions in drivers/net/wwan/t7xx/t7xx_state_monitor.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Memory leak

EUVDB-ID: #VU96511

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43913

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the devm_apple_nvme_mempool_destroy() and apple_nvme_probe() functions in drivers/nvme/host/apple.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) NULL pointer dereference

EUVDB-ID: #VU102922

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45828

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hci_dma_cleanup() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU97783

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46858

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mptcp_pm_del_add_timer() and remove_anno_list_by_saddr() functions in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU102923

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46896

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_job_set_resources() and amdgpu_job_free_resources() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_job.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU102924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47141

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pr_fmt(), pinmux_can_be_used_for_gpio(), pin_request(), pin_free(), pinmux_enable_setting(), pinmux_disable_setting() and pinmux_pins_show() functions in drivers/pinctrl/pinmux.c, within the pinctrl_register_one_pin() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper locking

EUVDB-ID: #VU102949

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47143

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the check_unmap() function in kernel/dma/debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) NULL pointer dereference

EUVDB-ID: #VU102925

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47809

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the validate_lock_args() function in fs/dlm/lock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU102926

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-48873

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rtw89_update_6ghz_rnr_chan() function in drivers/net/wireless/realtek/rtw89/fw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU102927

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-48881

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cache_set_flush() function in drivers/md/bcache/super.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper locking

EUVDB-ID: #VU102946

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49569

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nvme_stop_keep_alive() function in drivers/nvme/host/rdma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Input validation error

EUVDB-ID: #VU99042

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49948

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Resource management error

EUVDB-ID: #VU99171

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49951

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the cmd_status_rsp(), mgmt_index_added(), mgmt_power_on() and __mgmt_power_off() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) NULL pointer dereference

EUVDB-ID: #VU98948

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49978

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __udp_gso_segment() function in net/ipv4/udp_offload.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) NULL pointer dereference

EUVDB-ID: #VU98944

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49998

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and dsa_switch_shutdown() functions in net/dsa/dsa.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU102917

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50051

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mpc52xx_spi_remove() function in drivers/spi/spi-mpc52xx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU99802

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50106

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the destroy_delegation(), nfsd4_revoke_states(), nfs4_laundromat(), nfsd4_free_stateid() and nfsd4_delegreturn() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Out-of-bounds read

EUVDB-ID: #VU100066

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50151

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the SMB2_ioctl_init() function in fs/cifs/smb2pdu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU100120

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50199

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the unuse_mm() function in mm/swapfile.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Incorrect calculation

EUVDB-ID: #VU100202

Risk: Low

CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2024-50251

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: Yes

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the nft_payload_set_eval() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

25) Input validation error

EUVDB-ID: #VU100189

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50258

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the NLA_POLICY_MIN() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Input validation error

EUVDB-ID: #VU100631

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50299

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sctp_sf_ootb() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper locking

EUVDB-ID: #VU100717

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50304

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ip_tunnel_find() function in net/ipv4/ip_tunnel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Resource management error

EUVDB-ID: #VU102974

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-52332

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the igb_init_module() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Input validation error

EUVDB-ID: #VU100836

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53091

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the include/net/tls.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use-after-free

EUVDB-ID: #VU100830

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53095

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Resource management error

EUVDB-ID: #VU102248

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53164

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the choke_drop_by_idx() function in net/sched/sch_choke.c, within the cake_drop() function in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Use-after-free

EUVDB-ID: #VU102061

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53168

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Use-after-free

EUVDB-ID: #VU102060

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53170

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the del_gendisk() function in block/genhd.c, within the blk_register_queue() function in block/blk-sysfs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Resource management error

EUVDB-ID: #VU102249

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53172

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the alloc_ai(), scan_fast() and ubi_attach() functions in drivers/mtd/ubi/attach.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory leak

EUVDB-ID: #VU102000

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53175

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the create_ipc_ns() function in ipc/namespace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Use-after-free

EUVDB-ID: #VU102051

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53185

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Buffer overflow

EUVDB-ID: #VU102214

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53187

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the io_pin_pages() function in io_uring/memmap.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU102049

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53194

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pci_slot_release(), pci_bus_get() and make_slot_name() functions in drivers/pci/slot.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Resource management error

EUVDB-ID: #VU102232

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53195

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the DECLARE_KVM_NVHE_PER_CPU(), kvm_arch_vcpu_postcreate(), kvm_arch_vcpu_run_pid_change(), kvm_vcpu_exit_request() and kvm_arch_vcpu_ioctl_run() functions in arch/arm64/kvm/arm.c, within the get_timer_map() function in arch/arm64/kvm/arch_timer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Improper error handling

EUVDB-ID: #VU102209

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53196

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the kvm_mmio_read_buf() and kvm_handle_mmio_return() functions in arch/arm64/kvm/mmio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Out-of-bounds write

EUVDB-ID: #VU102090

Risk: High

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2024-53197

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to compromise the affected system.

The vulnerability exists due to an out-of-bounds write error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited against Android devices.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

42) Memory leak

EUVDB-ID: #VU102006

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53198

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the xenbus_dev_probe() function in drivers/xen/xenbus/xenbus_probe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Integer underflow

EUVDB-ID: #VU102211

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53203

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the ucsi_ccg_sync_control() function in drivers/usb/typec/ucsi/ucsi_ccg.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Use-after-free

EUVDB-ID: #VU102067

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53227

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU102143

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53230

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_cost() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) NULL pointer dereference

EUVDB-ID: #VU102144

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53231

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_power() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Use-after-free

EUVDB-ID: #VU102068

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53232

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the calc_rtx(), s390_domain_free(), s390_iommu_attach_device(), s390_iommu_probe_device(), s390_iommu_unmap_pages() and s390_iommu_init() functions in drivers/iommu/s390-iommu.c, within the pci_fmb_show() function in arch/s390/pci/pci_debug.c, within the zpci_fmb_enable_device() function in arch/s390/pci/pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Improper error handling

EUVDB-ID: #VU102207

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53233

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the utf8_load() function in fs/unicode/utf8-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Memory leak

EUVDB-ID: #VU102003

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53236

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the xsk_build_skb() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Use-after-free

EUVDB-ID: #VU102070

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53239

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Improper locking

EUVDB-ID: #VU102945

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53685

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the fs/ceph/mds_client.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Integer underflow

EUVDB-ID: #VU102965

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53690

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the nilfs_lookup() function in fs/nilfs2/namei.c, within the nilfs_iget() function in fs/nilfs2/inode.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Use-after-free

EUVDB-ID: #VU102916

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-54680

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_get_tcp_session(), cifs_crypto_secmech_release(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Input validation error

EUVDB-ID: #VU102991

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-55639

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the rswitch_device_alloc(), of_node_put() and rswitch_device_free() functions in drivers/net/ethernet/renesas/rswitch.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Resource management error

EUVDB-ID: #VU102984

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-55881

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the complete_hypercall_exit() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) NULL pointer dereference

EUVDB-ID: #VU102929

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-55916

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the util_probe() function in drivers/hv/hv_util.c, within the hv_vss_init() function in drivers/hv/hv_snapshot.c, within the hv_kvp_init() function in drivers/hv/hv_kvp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Division by zero

EUVDB-ID: #VU102970

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56369

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the EXPORT_SYMBOL() and drm_mode_vrefresh() functions in drivers/gpu/drm/drm_modes.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Improper error handling

EUVDB-ID: #VU102959

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56372

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the tun_napi_alloc_frags() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Improper locking

EUVDB-ID: #VU102180

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56531

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_usb_caiaq_input_free() function in sound/usb/caiaq/input.c, within the setup_card(), init_card() and snd_disconnect() functions in sound/usb/caiaq/device.c, within the snd_usb_caiaq_audio_init() function in sound/usb/caiaq/audio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Improper locking

EUVDB-ID: #VU102181

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56532

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_us122l_disconnect() function in sound/usb/usx2y/us122l.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Improper locking

EUVDB-ID: #VU102182

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56533

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_usx2y_disconnect() function in sound/usb/usx2y/usbusx2y.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Use-after-free

EUVDB-ID: #VU102071

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56538

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the zynqmp_dpsub_drm_cleanup() function in drivers/gpu/drm/xlnx/zynqmp_kms.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Resource management error

EUVDB-ID: #VU102252

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56543

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ath12k_mac_peer_cleanup_all() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Use-after-free

EUVDB-ID: #VU102074

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56546

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xlnx_add_cb_for_suspend() function in drivers/soc/xilinx/xlnx_event_manager.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Use-after-free

EUVDB-ID: #VU102075

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56548

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Buffer overflow

EUVDB-ID: #VU102213

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56557

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the __aligned() function in drivers/iio/adc/ad7923.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Use-after-free

EUVDB-ID: #VU102042

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56558

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the e_show() function in fs/nfsd/export.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) NULL pointer dereference

EUVDB-ID: #VU102127

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56568

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the arm_smmu_probe_device() function in drivers/iommu/arm/arm-smmu/arm-smmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) NULL pointer dereference

EUVDB-ID: #VU102126

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56569

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ftrace_mod_callback() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Input validation error

EUVDB-ID: #VU102280

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56570

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ovl_dentry_init_flags() function in fs/overlayfs/util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Resource management error

EUVDB-ID: #VU102230

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56571

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the uvc_alloc_entity(), uvc_parse_vendor_control(), uvc_parse_standard_control() and uvc_gpio_parse() functions in drivers/media/usb/uvc/uvc_driver.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Memory leak

EUVDB-ID: #VU101996

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56572

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the allocate_buffers_internal() function in drivers/media/platform/allegro-dvt/allegro-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Double free

EUVDB-ID: #VU102193

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56573

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the efi_handle_cmdline() function in drivers/firmware/efi/libstub/efi-stub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) NULL pointer dereference

EUVDB-ID: #VU102125

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56574

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ts2020_regmap_unlock() function in drivers/media/dvb-frontends/ts2020.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) NULL pointer dereference

EUVDB-ID: #VU102124

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56575

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mxc_jpeg_detach_pm_domains() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) NULL pointer dereference

EUVDB-ID: #VU102123

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56577

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_jpegdec_hw_init_irq() and mtk_jpegdec_hw_probe() functions in drivers/media/platform/mediatek/jpeg/mtk_jpeg_dec_hw.c, within the mtk_jpeg_single_core_init() and mtk_jpeg_probe() functions in drivers/media/platform/mediatek/jpeg/mtk_jpeg_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Improper error handling

EUVDB-ID: #VU102206

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56578

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mxc_jpeg_probe() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Use-after-free

EUVDB-ID: #VU102038

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56584

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the io_init_wq_offload() function in io_uring/tctx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) NULL pointer dereference

EUVDB-ID: #VU102104

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56587

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the brightness_show() and max_brightness_show() functions in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU102106

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56588

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the debugfs_to_reg_name_v3_hw(), debugfs_global_v3_hw_show(), debugfs_axi_v3_hw_show(), debugfs_ras_v3_hw_show(), debugfs_port_v3_hw_show(), debugfs_cq_v3_hw_show(), debugfs_dq_show_slot_v3_hw(), debugfs_iost_v3_hw_show(), debugfs_iost_cache_v3_hw_show(), debugfs_itct_v3_hw_show(), debugfs_itct_cache_v3_hw_show(), debugfs_create_files_v3_hw(), debugfs_release_v3_hw(), debugfs_snapshot_regs_v3_hw(), debugfs_bist_init_v3_hw() and debugfs_init_v3_hw() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Improper locking

EUVDB-ID: #VU102168

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56589

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cq_thread_v3_hw() function in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Input validation error

EUVDB-ID: #VU102281

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56590

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hci_tx_work() and hci_acldata_packet() functions in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Improper locking

EUVDB-ID: #VU102167

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56592

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the htab_elem_free(), free_htab_elem(), alloc_htab_elem(), htab_map_update_elem(), htab_map_delete_elem() and prealloc_lru_pop() functions in kernel/bpf/hashtab.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) NULL pointer dereference

EUVDB-ID: #VU102107

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56593

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the brcmf_sdiod_sgtable_alloc() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Improper locking

EUVDB-ID: #VU102160

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56594

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the amdgpu_ttm_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Out-of-bounds read

EUVDB-ID: #VU102088

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56595

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Out-of-bounds read

EUVDB-ID: #VU102087

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56596

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the jfs_readdir() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Out-of-bounds read

EUVDB-ID: #VU102086

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56597

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Out-of-bounds read

EUVDB-ID: #VU102085

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56598

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dtReadFirst() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Use-after-free

EUVDB-ID: #VU102016

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Use-after-free

EUVDB-ID: #VU102015

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56601

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the htons() function in net/ipv4/af_inet.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Use-after-free

EUVDB-ID: #VU102017

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56602

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee802154_create() function in net/ieee802154/socket.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Use-after-free

EUVDB-ID: #VU102018

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56603

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the can_create() function in net/can/af_can.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Use-after-free

EUVDB-ID: #VU102021

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56606

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the packet_create() function in net/packet/af_packet.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Improper locking

EUVDB-ID: #VU102166

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56607

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ath12k_mac_op_set_bitrate_mask() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Out-of-bounds read

EUVDB-ID: #VU102076

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56608

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dcn21_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Improper locking

EUVDB-ID: #VU102165

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56609

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the rtw_usb_tx_handler() and rtw_usb_deinit_tx() functions in drivers/net/wireless/realtek/rtw88/usb.c, within the rtw_sdio_deinit_tx() function in drivers/net/wireless/realtek/rtw88/sdio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Improper locking

EUVDB-ID: #VU102164

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56610

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), kcsan_skip_report_debugfs(), set_report_filterlist_whitelist(), insert_report_filterlist() and show_info() functions in kernel/kcsan/debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) NULL pointer dereference

EUVDB-ID: #VU102109

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56611

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the migrate_to_node() function in mm/mempolicy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Out-of-bounds read

EUVDB-ID: #VU102084

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56614

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the xsk_map_delete_elem() function in net/xdp/xskmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Out-of-bounds read

EUVDB-ID: #VU102083

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56615

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Out-of-bounds read

EUVDB-ID: #VU102082

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56616

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the drm_dp_decode_sideband_msg_hdr() function in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) NULL pointer dereference

EUVDB-ID: #VU102111

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56617

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the last_level_cache_is_valid(), populate_cache_leaves() and init_level_allocate_ci() functions in drivers/base/cacheinfo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Use-after-free

EUVDB-ID: #VU102022

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56619

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nilfs_put_page() function in fs/nilfs2/dir.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) NULL pointer dereference

EUVDB-ID: #VU102112

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56620

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ufs_qcom_probe() function in drivers/ufs/host/ufs-qcom.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Input validation error

EUVDB-ID: #VU102283

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56622

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the read_req_latency_avg_show() and write_req_latency_avg_show() functions in drivers/ufs/core/ufs-sysfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Use-after-free

EUVDB-ID: #VU102023

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56623

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Resource management error

EUVDB-ID: #VU102244

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56625

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the can_set_termination() function in drivers/net/can/dev/dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) NULL pointer dereference

EUVDB-ID: #VU102114

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56629

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the wacom_update_name() function in drivers/hid/wacom_sys.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Improper error handling

EUVDB-ID: #VU102203

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56630

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ocfs2_get_init_inode() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Use-after-free

EUVDB-ID: #VU102024

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56631

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sg_release() function in drivers/scsi/sg.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Memory leak

EUVDB-ID: #VU101993

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56632

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nvme_stop_keep_alive() function in drivers/nvme/host/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) NULL pointer dereference

EUVDB-ID: #VU102115

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56634

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the grgpio_probe() function in drivers/gpio/gpio-grgpio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Use-after-free

EUVDB-ID: #VU102026

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56635

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the default_operstate() function in net/core/link_watch.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Resource management error

EUVDB-ID: #VU102245

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56636

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the geneve_xmit_skb() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Race condition

EUVDB-ID: #VU102219

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56637

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the find_set_type() function in net/netfilter/ipset/ip_set_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Resource management error

EUVDB-ID: #VU102228

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56641

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the smc_sk_init(), smc_connect_rdma(), smc_connect_ism() and smc_listen_work() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Use-after-free

EUVDB-ID: #VU102029

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56642

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) Memory leak

EUVDB-ID: #VU101989

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56643

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dccp_feat_change_recv() function in net/dccp/feat.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Memory leak

EUVDB-ID: #VU101992

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56644

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ip6_negative_advice() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Out-of-bounds read

EUVDB-ID: #VU102079

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56648

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the fill_frame_info() function in net/hsr/hsr_forward.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) NULL pointer dereference

EUVDB-ID: #VU102117

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56649

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Out-of-bounds read

EUVDB-ID: #VU102078

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56650

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Use-after-free

EUVDB-ID: #VU102030

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56651

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hi3110_can_ist() function in drivers/net/can/spi/hi311x.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Incorrect calculation

EUVDB-ID: #VU102257

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56654

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the hci_le_create_big_complete_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Improper error handling

EUVDB-ID: #VU102202

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56656

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the drivers/net/ethernet/broadcom/bnxt/bnxt.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Use-after-free

EUVDB-ID: #VU102033

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56658

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) Improper error handling

EUVDB-ID: #VU102201

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56659

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the include/net/lapb.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) NULL pointer dereference

EUVDB-ID: #VU102118

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56660

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dr_domain_add_vport_cap() function in drivers/net/ethernet/mellanox/mlx5/core/steering/sws/dr_domain.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) NULL pointer dereference

EUVDB-ID: #VU102119

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56661

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Out-of-bounds read

EUVDB-ID: #VU102077

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56662

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the acpi_nfit_ctl() function in drivers/acpi/nfit/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Input validation error

EUVDB-ID: #VU102187

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56663

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the NLA_POLICY_NESTED_ARRAY() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Use-after-free

EUVDB-ID: #VU102034

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56664

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sock_map_lookup_sys() function in net/core/sock_map.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Input validation error

EUVDB-ID: #VU102188

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56665

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the perf_event_detach_bpf_prog() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) NULL pointer dereference

EUVDB-ID: #VU102122

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56670

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gs_start_io() function in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Use-after-free

EUVDB-ID: #VU102035

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56672

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the blkcg_unpin_online() function in block/blk-cgroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Use-after-free

EUVDB-ID: #VU102036

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56675

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the perf_event_detach_bpf_prog() function in kernel/trace/bpf_trace.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Use-after-free

EUVDB-ID: #VU102010

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56677

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the setup_arch() function in arch/powerpc/kernel/setup-common.c, within the fadump_cma_init() and fadump_reserve_mem() functions in arch/powerpc/kernel/fadump.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Use-after-free

EUVDB-ID: #VU102012

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56678

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ___do_page_fault() function in arch/powerpc/mm/fault.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Input validation error

EUVDB-ID: #VU102277

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56679

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the otx2_get_max_mtu() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Improper error handling

EUVDB-ID: #VU102198

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56681

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Input validation error

EUVDB-ID: #VU102276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56683

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vc4_hdmi_debugfs_regs() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Improper locking

EUVDB-ID: #VU102156

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56687

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the musb_free_request() function in drivers/usb/musb/musb_gadget.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) NULL pointer dereference

EUVDB-ID: #VU102096

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56688

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xs_sock_reset_state_flags() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Input validation error

EUVDB-ID: #VU102261

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56690

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the pcrypt_aead_encrypt() and pcrypt_aead_decrypt() functions in crypto/pcrypt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) Resource management error

EUVDB-ID: #VU102226

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56691

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the wcove_typec_probe() function in drivers/usb/typec/tcpm/wcove.c, within the ARRAY_SIZE(), bxtwc_add_chained_irq_chip() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) Use-after-free

EUVDB-ID: #VU102013

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56693

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __setup(), brd_alloc(), brd_cleanup() and brd_init() functions in drivers/block/brd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Improper locking

EUVDB-ID: #VU102157

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56694

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sk_psock_strp_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) NULL pointer dereference

EUVDB-ID: #VU102101

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56698

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dwc3_prepare_trbs_sg() function in drivers/usb/dwc3/gadget.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) NULL pointer dereference

EUVDB-ID: #VU102102

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56700

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) Improper locking

EUVDB-ID: #VU102158

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56701

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dtl_worker_enable() and dtl_worker_disable() functions in arch/powerpc/platforms/pseries/lpar.c, within the dtl_enable() and dtl_disable() functions in arch/powerpc/platforms/pseries/dtl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) Double free

EUVDB-ID: #VU102192

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56704

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Reachable assertion

EUVDB-ID: #VU102190

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56705

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the ia_css_3a_statistics_allocate() function in drivers/staging/media/atomisp/pci/sh_css_params.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Input validation error

EUVDB-ID: #VU102275

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56707

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the otx2_dmacflt_do_add() and otx2_dmacflt_update() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_dmac_flt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Buffer overflow

EUVDB-ID: #VU102237

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56708

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the igen6_register_mci() and igen6_unregister_mcis() functions in drivers/edac/igen6_edac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) Improper locking

EUVDB-ID: #VU102155

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56709

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the io_queue_iowq() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Memory leak

EUVDB-ID: #VU101987

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56712

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_memfd_seals(), export_udmabuf() and udmabuf_create() functions in drivers/dma-buf/udmabuf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Memory leak

EUVDB-ID: #VU101986

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56715

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ionic_lif_register() function in drivers/net/ethernet/pensando/ionic/ionic_lif.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) Incorrect calculation

EUVDB-ID: #VU102256

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56716

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the nsim_dev_health_break_write() function in drivers/net/netdevsim/health.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Input validation error

EUVDB-ID: #VU102268

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56722

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the free_srqc() function in drivers/infiniband/hw/hns/hns_roce_srq.c, within the hns_roce_mr_free() function in drivers/infiniband/hw/hns/hns_roce_mr.c, within the set_rwqe_data_seg(), free_mr_modify_rsv_qp(), free_mr_post_send_lp_wqe(), free_mr_send_cmd_to_hw(), hns_roce_v2_set_abs_fields(), hns_roce_v2_modify_qp(), hns_roce_v2_query_qp(), hns_roce_v2_destroy_qp_common(), hns_roce_v2_destroy_qp(), hns_roce_v2_modify_cq() and hns_roce_v2_query_cqc() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c, within the hns_roce_table_put() function in drivers/infiniband/hw/hns/hns_roce_hem.c, within the free_cqc() function in drivers/infiniband/hw/hns/hns_roce_cq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Resource management error

EUVDB-ID: #VU102225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56723

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ARRAY_SIZE() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Resource management error

EUVDB-ID: #VU102224

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56724

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the bxt_wcove_tmu_irq_handler() and bxt_wcove_tmu_probe() functions in drivers/platform/x86/intel/bxtwc_tmu.c, within the ARRAY_SIZE() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) Input validation error

EUVDB-ID: #VU102269

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56725

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the otx2_config_priority_flow_ctrl() function in drivers/net/ethernet/marvell/octeontx2/nic/otx2_dcbnl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) Input validation error

EUVDB-ID: #VU102270

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56726

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cn10k_alloc_leaf_profile() function in drivers/net/ethernet/marvell/octeontx2/nic/cn10k.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) Input validation error

EUVDB-ID: #VU102271

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56727

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the otx2_alloc_mcam_entries() and otx2_mcam_entry_init() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_flows.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) Input validation error

EUVDB-ID: #VU102272

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56728

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the otx2_get_pauseparam() and otx2_set_fecparam() functions in drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) Memory leak

EUVDB-ID: #VU101985

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56729

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the spin_lock() function in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

168) Improper locking

EUVDB-ID: #VU102154

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56739

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the rtc_timer_do_work() function in drivers/rtc/interface.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

169) Memory leak

EUVDB-ID: #VU101984

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56741

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the policy_unpack_test_unpack_strdup_with_null_name(), policy_unpack_test_unpack_strdup_with_name() and policy_unpack_test_unpack_strdup_out_of_bounds() functions in security/apparmor/policy_unpack_test.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

170) Memory leak

EUVDB-ID: #VU101982

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56745

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the reset_method_store() function in drivers/pci/pci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

171) Memory leak

EUVDB-ID: #VU101981

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56746

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sh7760fb_alloc_mem() function in drivers/video/fbdev/sh7760fb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

172) Memory leak

EUVDB-ID: #VU101980

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56747

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the qedi_alloc_and_init_sb() function in drivers/scsi/qedi/qedi_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

173) Memory leak

EUVDB-ID: #VU101979

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56748

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the qedf_alloc_and_init_sb() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

174) Use-after-free

EUVDB-ID: #VU102393

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56759

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_force_cow_block() and btrfs_cow_block() functions in fs/btrfs/ctree.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

175) Resource management error

EUVDB-ID: #VU102403

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56760

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the __pci_enable_msi_range() function in drivers/pci/msi/msi.c, within the pci_msi_domain_supports() function in drivers/pci/msi/irqdomain.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

176) Resource management error

EUVDB-ID: #VU102404

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56763

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the tracing_cpumask_write() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

177) Use-after-free

EUVDB-ID: #VU102396

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56765

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vas_mmap_fault() function in arch/powerpc/platforms/book3s/vas-api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

178) Double free

EUVDB-ID: #VU102400

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56766

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the atmel_pmecc_create_user() function in drivers/mtd/nand/raw/atmel/pmecc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

179) Use-after-free

EUVDB-ID: #VU102397

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56767

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the at_xdmac_prep_dma_memset() function in drivers/dma/at_xdmac.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

180) Improper error handling

EUVDB-ID: #VU102401

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56769

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the MODULE_PARM_DESC() function in drivers/media/dvb-frontends/dib3000mb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

181) NULL pointer dereference

EUVDB-ID: #VU102483

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56774

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the btrfs_search_slot() function in fs/btrfs/ctree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

182) Memory leak

EUVDB-ID: #VU102476

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56775

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the restore_planes_and_stream_state() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

183) NULL pointer dereference

EUVDB-ID: #VU102484

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56776

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sti_cursor_atomic_check() function in drivers/gpu/drm/sti/sti_cursor.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

184) NULL pointer dereference

EUVDB-ID: #VU102485

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56777

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sti_gdp_atomic_check() function in drivers/gpu/drm/sti/sti_gdp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

185) NULL pointer dereference

EUVDB-ID: #VU102486

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56778

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sti_hqvdp_atomic_check() function in drivers/gpu/drm/sti/sti_hqvdp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

186) Memory leak

EUVDB-ID: #VU102477

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56779

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the release_open_stateid(), spin_lock() and nfsd4_process_open2() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

187) Improper locking

EUVDB-ID: #VU102489

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56780

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dquot_writeback_dquots() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

188) Resource management error

EUVDB-ID: #VU102495

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56787

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the imx8mq_soc_revision_from_atf(), imx8mq_soc_revision(), imx8mm_soc_uid(), kasprintf(), imx8_soc_init() and kfree() functions in drivers/soc/imx/soc-imx8m.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

189) Input validation error

EUVDB-ID: #VU102990

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57791

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the smc_clc_wait_msg() function in net/smc/smc_clc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

190) Buffer overflow

EUVDB-ID: #VU102978

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57792

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the set_charge_current_limit() function in drivers/power/supply/gpio-charger.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

191) Memory leak

EUVDB-ID: #VU102902

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57793

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the alloc_quote_buf() function in drivers/virt/coco/tdx-guest/tdx-guest.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

192) Use-after-free

EUVDB-ID: #VU102906

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57795

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rxe_query_port(), rxe_enable_driver(), INIT_RDMA_OBJ_SIZE() and rxe_register_device() functions in drivers/infiniband/sw/rxe/rxe_verbs.c, within the rxe_parent_name(), rxe_net_add() and rxe_port_down() functions in drivers/infiniband/sw/rxe/rxe_net.c, within the rxe_mcast_add() function in drivers/infiniband/sw/rxe/rxe_mcast.c, within the rxe_dealloc(), rxe_init_device_param(), rxe_init_port_param() and rxe_set_mtu() functions in drivers/infiniband/sw/rxe/rxe.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

193) Use-after-free

EUVDB-ID: #VU102915

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57798

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_dp_mst_up_req_work() and drm_dp_mst_handle_up_req() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

194) Use-after-free

EUVDB-ID: #VU102908

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57801

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mlx5_esw_for_each_rep() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c, within the mlx5_esw_ipsec_restore_dest_uplink() function in drivers/net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

195) Use of uninitialized resource

EUVDB-ID: #VU102960

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57802

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the nr_route_frame() function in net/netrom/nr_route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

196) Buffer overflow

EUVDB-ID: #VU102976

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57804

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the mpi3mr_read_tsu_interval(), mpi3mr_free_mem(), mpi3mr_free_config_dma_memory() and mpi3mr_process_cfg_req() functions in drivers/scsi/mpi3mr/mpi3mr_fw.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

197) Improper error handling

EUVDB-ID: #VU102957

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57809

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the IMX_PCIE_FLAG_HAS_SERDES BIT(), imx_pcie_suspend_noirq() and imx_pcie_resume_noirq() functions in drivers/pci/controller/dwc/pci-imx6.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

198) Improper error handling

EUVDB-ID: #VU102958

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57838

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the arch_init_kprobes() function in arch/s390/kernel/kprobes.c, within the SYM_CODE_START() function in arch/s390/kernel/entry.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

199) Use-after-free

EUVDB-ID: #VU102912

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57849

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cpumsf_pmu_stop() function in arch/s390/kernel/perf_cpum_sf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

200) Buffer overflow

EUVDB-ID: #VU102968

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57850

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the jffs2_rtime_decompress() function in fs/jffs2/compr_rtime.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

201) Use-after-free

EUVDB-ID: #VU102910

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57857

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the siw_query_device(), siw_query_port() and siw_query_qp() functions in drivers/infiniband/sw/siw/siw_verbs.c, within the siw_device_create(), siw_netdev_event() and siw_newlink() functions in drivers/infiniband/sw/siw/siw_main.c, within the siw_create_listen() and siw_cep_set_free_and_put() functions in drivers/infiniband/sw/siw/siw_cm.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

202) Memory leak

EUVDB-ID: #VU102897

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57874

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tagged_addr_ctrl_get() and tagged_addr_ctrl_set() functions in arch/arm64/kernel/ptrace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

203) Improper locking

EUVDB-ID: #VU102936

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57876

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the drm_dp_mst_topology_mgr_set_mst(), EXPORT_SYMBOL(), update_msg_rx_state() and drm_dp_mst_hpd_irq_handle_event() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

204) NULL pointer dereference

EUVDB-ID: #VU102921

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57882

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mptcp_established_options_add_addr() function in net/mptcp/options.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

205) Use-after-free

EUVDB-ID: #VU102909

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57884

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the zone_reclaimable_pages() function in mm/vmscan.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

206) Use-after-free

EUVDB-ID: #VU102907

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57887

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the adv7533_parse_dt() function in drivers/gpu/drm/bridge/adv7511/adv7533.c, within the adv7511_probe(), i2c_unregister_device() and adv7511_remove() functions in drivers/gpu/drm/bridge/adv7511/adv7511_drv.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

207) Buffer overflow

EUVDB-ID: #VU102977

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57888

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the workqueue_softirq_dead(), __flush_workqueue() and start_flush_work() functions in kernel/workqueue.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

208) Integer overflow

EUVDB-ID: #VU102963

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57890

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the uverbs_request_next_ptr(), ib_uverbs_post_send() and ib_uverbs_unmarshall_recv() functions in drivers/infiniband/core/uverbs_cmd.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

209) Use-after-free

EUVDB-ID: #VU102905

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57892

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the brelse() function in fs/ocfs2/quota_local.c, within the ocfs2_get_next_id() function in fs/ocfs2/quota_global.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

210) Out-of-bounds read

EUVDB-ID: #VU102918

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57893

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the DEFINE_SPINLOCK() and snd_seq_oss_synth_sysex() functions in sound/core/seq/oss/seq_oss_synth.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

211) Use-after-free

EUVDB-ID: #VU102904

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57896

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

212) Improper locking

EUVDB-ID: #VU102932

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57897

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the svm_migrate_copy_to_vram() and svm_migrate_copy_to_ram() functions in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

213) Integer overflow

EUVDB-ID: #VU102964

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57899

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the ieee80211_mbss_info_change_notify() function in net/mac80211/mesh.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

214) Improper locking

EUVDB-ID: #VU102931

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57903

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sk_setsockopt() function in net/core/sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

215) Resource management error

EUVDB-ID: #VU103048

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57904

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the at91_ts_register() function in drivers/iio/adc/at91_adc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

216) Memory leak

EUVDB-ID: #VU103002

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57906

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ads8688_trigger_handler() function in drivers/iio/adc/ti-ads8688.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

217) Memory leak

EUVDB-ID: #VU103003

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57907

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the rockchip_saradc_trigger_handler() function in drivers/iio/adc/rockchip_saradc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

218) Memory leak

EUVDB-ID: #VU103004

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57908

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmx61_trigger_handler() function in drivers/iio/imu/kmx61.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

219) Memory leak

EUVDB-ID: #VU103006

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57910

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vcnl4035_trigger_consumer_handler() function in drivers/iio/light/vcnl4035.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

220) Memory leak

EUVDB-ID: #VU103007

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57911

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the iio_simple_dummy_trigger_h() function in drivers/iio/dummy/iio_simple_dummy_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

221) Memory leak

EUVDB-ID: #VU103008

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57912

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the zpa2326_fill_sample_buffer() function in drivers/iio/pressure/zpa2326.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

222) Resource management error

EUVDB-ID: #VU103049

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57913

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the functionfs_bind() function in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

223) NULL pointer dereference

EUVDB-ID: #VU103018

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57915

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gserial_disconnect() function in drivers/usb/gadget/function/u_serial.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

224) Resource management error

EUVDB-ID: #VU103044

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57916

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the pci1xxxx_gpio_irq_handler() function in drivers/misc/mchp_pci1xxxx/mchp_pci1xxxx_gpio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

225) Input validation error

EUVDB-ID: #VU103478

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57917

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an unspecified issue in drivers/base/topology.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

226) Reachable assertion

EUVDB-ID: #VU103037

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57922

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

227) Use-after-free

EUVDB-ID: #VU103010

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57926

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_dev_put() function in drivers/gpu/drm/mediatek/mtk_drm_drv.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

228) NULL pointer dereference

EUVDB-ID: #VU103021

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57929

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the load_ablock() function in drivers/md/persistent-data/dm-array.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

229) Improper privilege management

EUVDB-ID: #VU103139

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57931

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the services_compute_xperms_decision() function in security/selinux/ss/services.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

230) NULL pointer dereference

EUVDB-ID: #VU103123

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57932

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gve_xdp_xmit() function in drivers/net/ethernet/google/gve/gve_tx.c, within the gve_turndown() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

231) NULL pointer dereference

EUVDB-ID: #VU103124

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57933

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gve_xsk_pool_enable(), gve_xsk_pool_disable() and gve_xsk_wakeup() functions in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

232) Input validation error

EUVDB-ID: #VU103143

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57935

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the put_dip_ctx_idx() function in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

233) Buffer overflow

EUVDB-ID: #VU103135

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57936

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the drivers/infiniband/hw/bnxt_re/qplib_fp.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

234) Integer overflow

EUVDB-ID: #VU103133

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57938

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the sctp_association_init() function in net/sctp/associola.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

235) Infinite loop

EUVDB-ID: #VU103134

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57940

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the exfat_readdir() function in fs/exfat/dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

236) Improper locking

EUVDB-ID: #VU103127

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57946

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the virtblk_remove() and virtblk_restore() functions in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

237) Memory leak

EUVDB-ID: #VU103009

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21632

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ssp_get() function in arch/x86/kernel/fpu/regset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

238) Resource management error

EUVDB-ID: #VU103045

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21645

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amd_pmc_suspend_handler() function in drivers/platform/x86/amd/pmc/pmc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

239) Resource management error

EUVDB-ID: #VU103051

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21646

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the afs_deliver_yfsvl_get_cell_name() function in fs/afs/vlclient.c, within the afs_vl_get_cell_name() and yfs_check_canonical_cell_name() functions in fs/afs/vl_alias.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

240) NULL pointer dereference

EUVDB-ID: #VU103031

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21649

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hclge_ptp_set_tx_info() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

241) Out-of-bounds read

EUVDB-ID: #VU103015

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21650

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hclgevf_get_regs_len() and hclgevf_get_regs() functions in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_regs.c, within the hclge_fetch_pf_reg() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_regs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

242) Resource management error

EUVDB-ID: #VU103046

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21651

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hclge_misc_irq_init(), hclge_init_ae_dev() and hclge_uninit_ae_dev() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

243) Use-after-free

EUVDB-ID: #VU103013

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21652

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the default_operstate() function in net/core/link_watch.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

244) Out-of-bounds read

EUVDB-ID: #VU103016

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21653

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/cls_flow.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

245) Incorrect calculation

EUVDB-ID: #VU103087

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21655

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the io_queue_deferred() and io_eventfd_ops() functions in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

246) Use of uninitialized resource

EUVDB-ID: #VU103132

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21656

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the drivetemp_scsi_command() function in drivers/hwmon/drivetemp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

247) Improper locking

EUVDB-ID: #VU103129

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21662

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cmd_work_handler() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

248) Improper locking

EUVDB-ID: #VU103130

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21663

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the MAC_SBD_INTR BIT(), tegra_mgbe_resume() and tegra_mgbe_probe() functions in drivers/net/ethernet/stmicro/stmmac/dwmac-tegra.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

249) Out-of-bounds read

EUVDB-ID: #VU103120

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21664

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the get_first_thin() function in drivers/md/dm-thin.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

250) NULL pointer dereference

EUVDB-ID: #VU103513

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21666

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and vsock_connectible_has_data() functions in net/vmw_vsock/af_vsock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

251) NULL pointer dereference

EUVDB-ID: #VU103583

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21669

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the virtio_transport_recv_pkt() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

252) NULL pointer dereference

EUVDB-ID: #VU103584

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21670

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vsock_bpf_recvmsg() function in net/vmw_vsock/vsock_bpf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

253) Improper locking

EUVDB-ID: #VU103588

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21674

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5e_xfrm_add_state() and mlx5e_xfrm_del_state() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

254) NULL pointer dereference

EUVDB-ID: #VU103585

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21675

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5_lag_port_sel_create() and mlx5_destroy_ttc_table() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

255) Use-after-free

EUVDB-ID: #VU103581

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21676

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fec_enet_tx() and fec_enet_rx_queue() functions in drivers/net/ethernet/freescale/fec_main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

256) Improper locking

EUVDB-ID: #VU103590

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21678

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gtp_newlink() and gtp_net_exit_batch_rtnl() functions in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

257) NULL pointer dereference

EUVDB-ID: #VU103587

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21682

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bnxt_xdp_set() function in drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c, within the bnxt_set_ring_params(), bnxt_set_rx_skb_mode() and bnxt_init_one() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP6

SUSE Linux Enterprise Workstation Extension 15: SP6

Legacy Module: 15-SP6

SUSE Linux Enterprise Live Patching: 15-SP6

Development Tools Module: 15-SP6

Basesystem Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

kernel-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debugsource: before 6.4.0-150600.23.38.1

dtb-altera: before 6.4.0-150600.23.38.1

dtb-nvidia: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-apm: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-sprd: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-optional: before 6.4.0-150600.23.38.1

dtb-lg: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-arm: before 6.4.0-150600.23.38.1

kernel-64kb-extra-debuginfo: before 6.4.0-150600.23.38.1

dtb-socionext: before 6.4.0-150600.23.38.1

dtb-mediatek: before 6.4.0-150600.23.38.1

kernel-64kb-optional-debuginfo: before 6.4.0-150600.23.38.1

dtb-amd: before 6.4.0-150600.23.38.1

kernel-64kb-devel: before 6.4.0-150600.23.38.1

dtb-amazon: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-cavium: before 6.4.0-150600.23.38.1

kernel-64kb-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-64kb-extra: before 6.4.0-150600.23.38.1

dtb-qcom: before 6.4.0-150600.23.38.1

ocfs2-kmp-64kb: before 6.4.0-150600.23.38.1

kernel-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-hisilicon: before 6.4.0-150600.23.38.1

dtb-broadcom: before 6.4.0-150600.23.38.1

dtb-amlogic: before 6.4.0-150600.23.38.1

dlm-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-allwinner: before 6.4.0-150600.23.38.1

dtb-exynos: before 6.4.0-150600.23.38.1

dtb-freescale: before 6.4.0-150600.23.38.1

dlm-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-marvell: before 6.4.0-150600.23.38.1

dtb-xilinx: before 6.4.0-150600.23.38.1

kselftests-kmp-64kb: before 6.4.0-150600.23.38.1

dtb-rockchip: before 6.4.0-150600.23.38.1

dtb-apple: before 6.4.0-150600.23.38.1

reiserfs-kmp-64kb: before 6.4.0-150600.23.38.1

cluster-md-kmp-64kb-debuginfo: before 6.4.0-150600.23.38.1

dtb-renesas: before 6.4.0-150600.23.38.1

dtb-aarch64: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debuginfo: before 6.4.0-150600.23.38.1

kernel-zfcpdump-debugsource: before 6.4.0-150600.23.38.1

kernel-zfcpdump: before 6.4.0-150600.23.38.1

kernel-kvmsmall: before 6.4.0-150600.23.38.1

kernel-default-livepatch-devel: before 6.4.0-150600.23.38.1

kernel-livepatch-6_4_0-150600_23_38-default-debuginfo: before 1-150600.13.3.2

kernel-livepatch-SLE15-SP6_Update_8-debugsource: before 1-150600.13.3.2

kernel-livepatch-6_4_0-150600_23_38-default: before 1-150600.13.3.2

kernel-default: before 6.4.0-150600.23.38.1

cluster-md-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel: before 6.4.0-150600.23.38.1

kernel-default-livepatch: before 6.4.0-150600.23.38.1

gfs2-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-build-debugsource: before 6.4.0-150600.23.38.1

reiserfs-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-devel-debuginfo: before 6.4.0-150600.23.38.1

ocfs2-kmp-default: before 6.4.0-150600.23.38.1

dlm-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-extra-debuginfo: before 6.4.0-150600.23.38.1

kselftests-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-debugsource: before 6.4.0-150600.23.38.1

ocfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

gfs2-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

cluster-md-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-obs-qa: before 6.4.0-150600.23.38.1

kernel-syms: before 6.4.0-150600.23.38.1

kernel-obs-build: before 6.4.0-150600.23.38.1

kernel-default-extra: before 6.4.0-150600.23.38.1

reiserfs-kmp-default-debuginfo: before 6.4.0-150600.23.38.1

kernel-default-optional: before 6.4.0-150600.23.38.1

kernel-default-optional-debuginfo: before 6.4.0-150600.23.38.1

dlm-kmp-default: before 6.4.0-150600.23.38.1

kernel-default-base-rebuild: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-devel: before 6.4.0-150600.23.38.1

kernel-default-base: before 6.4.0-150600.23.38.1.150600.12.16.2

kernel-kvmsmall-debugsource: before 6.4.0-150600.23.38.1

kernel-kvmsmall-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso-debuginfo: before 6.4.0-150600.23.38.1

kernel-kvmsmall-vdso: before 6.4.0-150600.23.38.1

kernel-default-vdso: before 6.4.0-150600.23.38.1

kernel-debug-devel: before 6.4.0-150600.23.38.1

kernel-debug-debugsource: before 6.4.0-150600.23.38.1

kernel-debug-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug-devel-debuginfo: before 6.4.0-150600.23.38.1

kernel-debug: before 6.4.0-150600.23.38.1

kernel-docs-html: before 6.4.0-150600.23.38.1

kernel-source: before 6.4.0-150600.23.38.1

kernel-macros: before 6.4.0-150600.23.38.1

kernel-source-vanilla: before 6.4.0-150600.23.38.1

kernel-devel: before 6.4.0-150600.23.38.1

kernel-docs: before 6.4.0-150600.23.38.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250499-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###