Risk | Low |
Patch available | YES |
Number of vulnerabilities | 13 |
CVE-ID | CVE-2022-3566 CVE-2022-45884 CVE-2022-45885 CVE-2022-45886 CVE-2022-45887 CVE-2022-45919 CVE-2023-1380 CVE-2023-2176 CVE-2023-2194 CVE-2023-2513 CVE-2023-31084 CVE-2023-31436 CVE-2023-32269 |
CWE-ID | CWE-362 CWE-416 CWE-125 CWE-787 CWE-833 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
SUSE Linux Enterprise High Availability Extension 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 SP4 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 SP4 ESPOS Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 12 Operating systems & Components / Operating system SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE OpenStack Cloud Crowbar Operating systems & Components / Operating system SUSE OpenStack Cloud Operating systems & Components / Operating system kernel-default-kgraft Operating systems & Components / Operating system package or component kgraft-patch-4_12_14-95_128-default Operating systems & Components / Operating system package or component kernel-default-kgraft-devel Operating systems & Components / Operating system package or component kernel-default-man Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-default-base-debuginfo Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
EUVDB-ID: #VU69810
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-3566
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the tcp_getsockopt() and tcp_setsockopt() functions in net/ipv4/tcp.c, do_ipv6_setsockopt() function in net/ipv6/ipv6_sockglue.c, and tcp_v6_connect() function in net/ipv6/tcp_ipv6.c in Linux kernel. A local user can exploit the race and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75333
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-45884
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in drivers/media/dvb-core/dvbdev.c in Linux kernel related to dvb_register_device() function dynamically allocating fops. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75334
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-45885
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in drivers/media/dvb-core/dvb_frontend.c in Linux kernel. A local user can trigger a race condition and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75336
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-45886
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75338
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-45887
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition in drivers/media/usb/ttusb-dec/ttusb_dec.c in Linux kernel. A local user can exploit the race and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75337
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-45919
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73280
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-1380
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the Broadcom Full MAC Wi-Fi driver (brcmfmac.ko). A local user can trigger an out-of-bounds read error and read contents of kernel memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75995
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2176
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the compare_netdev_and_ip() function in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU77249
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2194
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the Linux kernel's SLIMpro I2C device driver. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76455
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2513
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ext4 filesystem in the way it handled the extra inode size for extended attributes. A local user can trigger a use-after-free error and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU77246
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31084
CWE-ID:
CWE-833 - Deadlock
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a deadlock in drivers/media/dvb-core/dvb_frontend.c when a task is in !TASK_RUNNING. A local user can trigger a deadlock and crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76098
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31436
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the qfq_change_class() function in net/sched/sch_qfq.c when handling the MTU value provided to the QFQ Scheduler. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU76221
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-32269
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in net/netrom/af_netrom.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability requires that the system has netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise High Availability Extension 12: SP4
SUSE Linux Enterprise Server for SAP Applications 12: SP4
SUSE Linux Enterprise Server 12 SP4 LTSS: 12-SP4
SUSE Linux Enterprise Server 12 SP4 ESPOS: 12-SP4
SUSE Linux Enterprise Server 12: SP4
SUSE Linux Enterprise High Performance Computing 12: SP4
SUSE Linux Enterprise Live Patching: 12-SP4
SUSE OpenStack Cloud Crowbar: 9
SUSE OpenStack Cloud: 9
kernel-default-kgraft: before 4.12.14-95.128.1
kgraft-patch-4_12_14-95_128-default: before 1-6.3.1
kernel-default-kgraft-devel: before 4.12.14-95.128.1
kernel-default-man: before 4.12.14-95.128.1
kernel-default-devel-debuginfo: before 4.12.14-95.128.1
kernel-devel: before 4.12.14-95.128.1
kernel-macros: before 4.12.14-95.128.1
kernel-source: before 4.12.14-95.128.1
ocfs2-kmp-default: before 4.12.14-95.128.1
kernel-syms: before 4.12.14-95.128.1
kernel-default-base-debuginfo: before 4.12.14-95.128.1
kernel-default-debugsource: before 4.12.14-95.128.1
gfs2-kmp-default: before 4.12.14-95.128.1
ocfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default-debuginfo: before 4.12.14-95.128.1
dlm-kmp-default: before 4.12.14-95.128.1
kernel-default-devel: before 4.12.14-95.128.1
cluster-md-kmp-default-debuginfo: before 4.12.14-95.128.1
kernel-default-base: before 4.12.14-95.128.1
gfs2-kmp-default-debuginfo: before 4.12.14-95.128.1
cluster-md-kmp-default: before 4.12.14-95.128.1
kernel-default-debuginfo: before 4.12.14-95.128.1
kernel-default: before 4.12.14-95.128.1
CPE2.3https://www.suse.com/support/update/announcement/2023/suse-su-20232537-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.