Risk | Low |
Patch available | YES |
Number of vulnerabilities | 15 |
CVE-ID | CVE-2021-34556 CVE-2021-35477 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-38198 CVE-2021-38204 CVE-2021-38205 CVE-2021-38207 |
CWE-ID | CWE-200 CWE-203 CWE-416 CWE-264 CWE-400 CWE-476 CWE-125 CWE-732 CWE-824 CWE-120 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
SUSE Linux Enterprise Module for Realtime Operating systems & Components / Operating system SUSE MicroOS Operating systems & Components / Operating system ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 15 vulnerabilities.
EUVDB-ID: #VU64203
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-34556
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A local user can gain unauthorized access to sensitive information on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92412
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-35477
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to observable discrepancy error. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63769
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3640
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU56904
Risk: Low
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3653
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest.
As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU56929
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3656
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a malicious guest to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions within the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest.The vulnerability allows the L2 guest to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63664
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3679
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to lack of CPU resource in the Linux kernel tracing module functionality when using trace ring buffer in a specific way. A privileged local user (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU74548
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3732
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists in the way the user mounts the TmpFS filesystem with OverlayFS. A local user can gain access to hidden files that should not be accessible.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90666
Risk: Low
CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3739
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to read data or crash the application.
The vulnerability exists due to NULL pointer dereference within the btrfs_rm_device() function in fs/btrfs/volumes.c. A local user can read data or crash the application.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63913
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3743
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to a boundary condition in the Qualcomm IPC router protocol in the Linux kernel. A local user can gain access to out-of-bounds memory to leak internal kernel information or perform a denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64210
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3753
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel. A local user can trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63914
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3759
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists in the Linux kernel’s ipc functionality of the memcg subsystem when user calls the semget function multiple times, creating semaphores. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63665
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-38198
CWE-ID:
CWE-732 - Incorrect Permission Assignment for Critical Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page. A local user can trigger an error to perform a denial of service attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63666
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-38204
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists due to a use-after-free error in the drivers/usb/host/max3421-hcd.c in the Linux kernel. An attacker with physical access to the system can remove a MAX-3421 USB device to perform a denial of service attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92755
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-38205
CWE-ID:
CWE-824 - Access of Uninitialized Pointer
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92752
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-38207
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about 10 minutes.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
ocfs2-kmp-rt-debuginfo: before 5.3.18-51.2
ocfs2-kmp-rt: before 5.3.18-51.2
kernel-syms-rt: before 5.3.18-51.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-51.2
kernel-rt_debug-devel: before 5.3.18-51.2
kernel-rt_debug-debugsource: before 5.3.18-51.2
kernel-rt_debug-debuginfo: before 5.3.18-51.2
kernel-rt_debug: before 5.3.18-51.2
kernel-rt-devel-debuginfo: before 5.3.18-51.2
kernel-rt-devel: before 5.3.18-51.2
gfs2-kmp-rt-debuginfo: before 5.3.18-51.2
gfs2-kmp-rt: before 5.3.18-51.2
dlm-kmp-rt-debuginfo: before 5.3.18-51.2
dlm-kmp-rt: before 5.3.18-51.2
cluster-md-kmp-rt-debuginfo: before 5.3.18-51.2
cluster-md-kmp-rt: before 5.3.18-51.2
kernel-source-rt: before 5.3.18-51.1
kernel-devel-rt: before 5.3.18-51.1
kernel-rt-debugsource: before 5.3.18-51.2
kernel-rt-debuginfo: before 5.3.18-51.2
kernel-rt: before 5.3.18-51.2
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213177-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.