SUSE update for the Linux Kernel



| Updated: 2025-03-14
Risk Medium
Patch available YES
Number of vulnerabilities 320
CVE-ID CVE-2020-36788
CVE-2021-39698
CVE-2021-4148
CVE-2021-43056
CVE-2021-47358
CVE-2021-47359
CVE-2021-47360
CVE-2021-47361
CVE-2021-47362
CVE-2021-47363
CVE-2021-47364
CVE-2021-47365
CVE-2021-47366
CVE-2021-47367
CVE-2021-47368
CVE-2021-47369
CVE-2021-47370
CVE-2021-47371
CVE-2021-47372
CVE-2021-47373
CVE-2021-47374
CVE-2021-47375
CVE-2021-47376
CVE-2021-47378
CVE-2021-47379
CVE-2021-47380
CVE-2021-47381
CVE-2021-47382
CVE-2021-47383
CVE-2021-47384
CVE-2021-47385
CVE-2021-47386
CVE-2021-47387
CVE-2021-47388
CVE-2021-47389
CVE-2021-47390
CVE-2021-47391
CVE-2021-47392
CVE-2021-47393
CVE-2021-47394
CVE-2021-47395
CVE-2021-47396
CVE-2021-47397
CVE-2021-47398
CVE-2021-47399
CVE-2021-47400
CVE-2021-47401
CVE-2021-47402
CVE-2021-47403
CVE-2021-47404
CVE-2021-47405
CVE-2021-47406
CVE-2021-47407
CVE-2021-47408
CVE-2021-47409
CVE-2021-47410
CVE-2021-47412
CVE-2021-47413
CVE-2021-47414
CVE-2021-47415
CVE-2021-47416
CVE-2021-47417
CVE-2021-47418
CVE-2021-47419
CVE-2021-47420
CVE-2021-47421
CVE-2021-47422
CVE-2021-47423
CVE-2021-47424
CVE-2021-47425
CVE-2021-47426
CVE-2021-47427
CVE-2021-47428
CVE-2021-47429
CVE-2021-47430
CVE-2021-47431
CVE-2021-47433
CVE-2021-47434
CVE-2021-47435
CVE-2021-47436
CVE-2021-47437
CVE-2021-47438
CVE-2021-47439
CVE-2021-47440
CVE-2021-47441
CVE-2021-47442
CVE-2021-47443
CVE-2021-47444
CVE-2021-47445
CVE-2021-47446
CVE-2021-47447
CVE-2021-47448
CVE-2021-47449
CVE-2021-47450
CVE-2021-47451
CVE-2021-47452
CVE-2021-47453
CVE-2021-47454
CVE-2021-47455
CVE-2021-47456
CVE-2021-47457
CVE-2021-47458
CVE-2021-47459
CVE-2021-47460
CVE-2021-47461
CVE-2021-47462
CVE-2021-47463
CVE-2021-47464
CVE-2021-47465
CVE-2021-47466
CVE-2021-47467
CVE-2021-47468
CVE-2021-47469
CVE-2021-47470
CVE-2021-47471
CVE-2021-47472
CVE-2021-47473
CVE-2021-47474
CVE-2021-47475
CVE-2021-47476
CVE-2021-47477
CVE-2021-47478
CVE-2021-47479
CVE-2021-47480
CVE-2021-47481
CVE-2021-47482
CVE-2021-47483
CVE-2021-47484
CVE-2021-47485
CVE-2021-47486
CVE-2021-47488
CVE-2021-47489
CVE-2021-47490
CVE-2021-47491
CVE-2021-47492
CVE-2021-47493
CVE-2021-47494
CVE-2021-47495
CVE-2021-47496
CVE-2021-47497
CVE-2021-47498
CVE-2021-47499
CVE-2021-47500
CVE-2021-47501
CVE-2021-47502
CVE-2021-47503
CVE-2021-47505
CVE-2021-47506
CVE-2021-47507
CVE-2021-47509
CVE-2021-47510
CVE-2021-47511
CVE-2021-47513
CVE-2021-47514
CVE-2021-47516
CVE-2021-47518
CVE-2021-47520
CVE-2021-47521
CVE-2021-47522
CVE-2021-47523
CVE-2021-47524
CVE-2021-47525
CVE-2021-47526
CVE-2021-47527
CVE-2021-47528
CVE-2021-47529
CVE-2021-47533
CVE-2021-47534
CVE-2021-47535
CVE-2021-47536
CVE-2021-47537
CVE-2021-47540
CVE-2021-47541
CVE-2021-47542
CVE-2021-47544
CVE-2021-47549
CVE-2021-47550
CVE-2021-47551
CVE-2021-47553
CVE-2021-47554
CVE-2021-47556
CVE-2021-47558
CVE-2021-47559
CVE-2021-47560
CVE-2021-47562
CVE-2021-47563
CVE-2021-47564
CVE-2021-47565
CVE-2022-48632
CVE-2022-48634
CVE-2022-48636
CVE-2022-48652
CVE-2022-48662
CVE-2022-48671
CVE-2022-48672
CVE-2022-48673
CVE-2022-48675
CVE-2022-48686
CVE-2022-48687
CVE-2022-48688
CVE-2022-48692
CVE-2022-48693
CVE-2022-48694
CVE-2022-48695
CVE-2022-48697
CVE-2022-48699
CVE-2022-48700
CVE-2022-48701
CVE-2022-48702
CVE-2022-48703
CVE-2022-48704
CVE-2022-48708
CVE-2022-48709
CVE-2022-48710
CVE-2023-0160
CVE-2023-1829
CVE-2023-2860
CVE-2023-47233
CVE-2023-52591
CVE-2023-52654
CVE-2023-52655
CVE-2023-52676
CVE-2023-52686
CVE-2023-52690
CVE-2023-52702
CVE-2023-52703
CVE-2023-52707
CVE-2023-52708
CVE-2023-52730
CVE-2023-52733
CVE-2023-52736
CVE-2023-52738
CVE-2023-52739
CVE-2023-52740
CVE-2023-52741
CVE-2023-52742
CVE-2023-52743
CVE-2023-52744
CVE-2023-52745
CVE-2023-52747
CVE-2023-52753
CVE-2023-52754
CVE-2023-52756
CVE-2023-52759
CVE-2023-52763
CVE-2023-52764
CVE-2023-52766
CVE-2023-52774
CVE-2023-52781
CVE-2023-52788
CVE-2023-52789
CVE-2023-52791
CVE-2023-52798
CVE-2023-52799
CVE-2023-52800
CVE-2023-52804
CVE-2023-52805
CVE-2023-52806
CVE-2023-52810
CVE-2023-52811
CVE-2023-52814
CVE-2023-52816
CVE-2023-52817
CVE-2023-52818
CVE-2023-52819
CVE-2023-52821
CVE-2023-52825
CVE-2023-52826
CVE-2023-52832
CVE-2023-52833
CVE-2023-52834
CVE-2023-52838
CVE-2023-52840
CVE-2023-52841
CVE-2023-52844
CVE-2023-52847
CVE-2023-52853
CVE-2023-52854
CVE-2023-52855
CVE-2023-52856
CVE-2023-52858
CVE-2023-52864
CVE-2023-52865
CVE-2023-52867
CVE-2023-52868
CVE-2023-52870
CVE-2023-52871
CVE-2023-52872
CVE-2023-52873
CVE-2023-52875
CVE-2023-52876
CVE-2023-52877
CVE-2023-52878
CVE-2023-52880
CVE-2023-6531
CVE-2024-0639
CVE-2024-26739
CVE-2024-26764
CVE-2024-26828
CVE-2024-26840
CVE-2024-26852
CVE-2024-26862
CVE-2024-26921
CVE-2024-26925
CVE-2024-26928
CVE-2024-26929
CVE-2024-26930
CVE-2024-27398
CVE-2024-27413
CVE-2024-35811
CVE-2024-35815
CVE-2024-35817
CVE-2024-35863
CVE-2024-35867
CVE-2024-35868
CVE-2024-35895
CVE-2024-35904
CVE-2024-35905
CVE-2024-35914
CVE-2024-36926
CWE-ID CWE-416
CWE-354
CWE-252
CWE-667
CWE-399
CWE-388
CWE-476
CWE-369
CWE-401
CWE-119
CWE-193
CWE-125
CWE-908
CWE-200
CWE-20
CWE-835
CWE-682
CWE-404
CWE-362
CWE-121
CWE-665
CWE-415
CWE-269
CWE-191
CWE-190
CWE-617
CWE-264
CWE-366
Exploitation vector Local network
Public exploit Public exploit code for vulnerability #216 is available.
Public exploit code for vulnerability #308 is available.
Vulnerable software
SUSE Linux Enterprise Server 15 SP4 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing ESPOS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15 SP4 LTSS
Operating systems & Components / Operating system

openSUSE Leap Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-amazon
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-apple
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP4_Update_27-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_122-default
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 320 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU90085

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-36788

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nouveau_gem_new() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU61097

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-39698

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel. A local user can run a specially crafted program to trigger the use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper validation of integrity check value

EUVDB-ID: #VU92749

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-4148

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Unchecked Return Value

EUVDB-ID: #VU63921

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-43056

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation error when handling SRR1 register values. A local user can perform a denial of service attack, when the host is running on Power8.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU91059

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47358

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gbphy_runtime_put_autosuspend(), gb_uart_probe() and gb_uart_remove() functions in drivers/staging/greybus/uart.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper locking

EUVDB-ID: #VU91510

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47359

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cifs_close_deferred_file() and cifs_close_all_deferred_files() functions in fs/cifs/misc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource management error

EUVDB-ID: #VU93605

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47360

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the binder_deferred_fd_close(), binder_transaction_buffer_release(), binder_free_txn_fixups(), binder_free_buf(), binder_thread_write() and binder_cleanup_transaction() functions in drivers/android/binder.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper error handling

EUVDB-ID: #VU90939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47361

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mcb_alloc_bus() function in drivers/mcb/mcb-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU90498

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47362

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the si_dpm_enable() function in drivers/gpu/drm/amd/pm/powerplay/si_dpm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Division by zero

EUVDB-ID: #VU91371

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47363

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the replace_nexthop_grp() function in net/ipv4/nexthop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory leak

EUVDB-ID: #VU89964

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47364

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the compat_insnlist() function in drivers/staging/comedi/comedi_fops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU91628

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47365

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the afs_extend_writeback() function in fs/afs/write.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

EUVDB-ID: #VU93171

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47366

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the afs_fs_fetch_data(), afs_fs_store_data(), afs_fs_setattr_size() and afs_deliver_fs_get_capabilities() functions in fs/afs/fsclient.c, within the afs_fileserver_probe_result() and clear_bit() functions in fs/afs/fs_probe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory leak

EUVDB-ID: #VU91627

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47367

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the page_to_skb() function in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource management error

EUVDB-ID: #VU93188

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47368

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the enetc_clear_bdrs() and enetc_setup_irqs() functions in drivers/net/ethernet/freescale/enetc/enetc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU91457

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47369

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qeth_clear_working_pool_list() function in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Resource management error

EUVDB-ID: #VU93266

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47370

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mptcp_sendmsg_frag() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU89965

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-47371

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nexthops_dump() and EXPORT_SYMBOL() functions in net/ipv4/nexthop.c, within the vxlan_exit_batch_net() and register_nexthop_notifier() functions in drivers/net/vxlan.c. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90136

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47372

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macb_remove() function in drivers/net/ethernet/cadence/macb_pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Off-by-one

EUVDB-ID: #VU91173

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47373

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Resource management error

EUVDB-ID: #VU93598

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47374

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the add_dma_entry() function in kernel/dma/debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU90138

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47375

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the blk_trace_remove_queue() function in kernel/trace/blktrace.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Buffer overflow

EUVDB-ID: #VU93604

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47376

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the check_btf_line() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU91058

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47378

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_rdma_free_queue(), nvme_rdma_conn_established(), nvme_rdma_route_resolved() and nvme_rdma_cm_handler() functions in drivers/nvme/host/rdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU90139

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47379

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the spin_lock_irq() and blkcg_deactivate_policy() functions in block/blk-cgroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) NULL pointer dereference

EUVDB-ID: #VU90494

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47380

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amd_mp2_pci_probe() function in drivers/hid/amd-sfh-hid/amd_sfh_pcie.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU93502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47381

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xtensa_stack() function in sound/soc/sof/xtensa/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Improper locking

EUVDB-ID: #VU90741

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47382

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qeth_do_reset() function in drivers/s390/net/qeth_core_main.c, within the EXPORT_SYMBOL(), ccwgroup_set_offline() and ccwgroup_online_store() functions in drivers/s390/cio/ccwgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU91390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47383

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vc_do_resize() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU90501

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47384

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the TEMP_TO_REG() and w83793_detect_subclients() functions in drivers/hwmon/w83793.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU90469

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47385

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the w83792d_detect_subclients() function in drivers/hwmon/w83792d.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU90503

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47386

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the w83791d_detect_subclients() function in drivers/hwmon/w83791d.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Resource management error

EUVDB-ID: #VU93189

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47387

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sugov_tunables_free(), sugov_tunables_alloc(), sugov_init() and sugov_exit() functions in kernel/sched/cpufreq_schedutil.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU90140

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47388

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_crypto_ccmp_decrypt() and ieee80211_crypto_gcmp_decrypt() functions in net/mac80211/wpa.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory leak

EUVDB-ID: #VU91626

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47389

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sev_receive_start() function in arch/x86/kvm/svm/sev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU90300

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47390

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ioapic_write_indirect() function in arch/x86/kvm/ioapic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU90141

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47391

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cma_cancel_operation() and rdma_resolve_addr() functions in drivers/infiniband/core/cma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Improper locking

EUVDB-ID: #VU90743

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47392

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cma_cancel_route(), cma_cancel_listens() and cma_listen_on_all() functions in drivers/infiniband/core/cma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Out-of-bounds read

EUVDB-ID: #VU90302

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47393

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mlxreg_fan_set_cur_state() function in drivers/hwmon/mlxreg-fan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Use-after-free

EUVDB-ID: #VU90137

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47394

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __nft_release_table() and __nft_release_tables() functions in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Resource management error

EUVDB-ID: #VU93467

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47395

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ieee80211_parse_tx_radiotap() function in net/mac80211/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Resource management error

EUVDB-ID: #VU93254

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47396

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mac80211_hwsim_beacon() function in drivers/net/wireless/mac80211_hwsim.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) NULL pointer dereference

EUVDB-ID: #VU92066

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47397

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sctp_rcv_ootb() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory leak

EUVDB-ID: #VU91625

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47398

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hfi1_ipoib_tx_timeout() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) NULL pointer dereference

EUVDB-ID: #VU90502

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47399

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ixgbe_xdp_setup() function in drivers/net/ethernet/intel/ixgbe/ixgbe_main.c, within the ixgbe_max_channels() function in drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Resource management error

EUVDB-ID: #VU93185

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47400

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hns3_nic_net_open() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory leak

EUVDB-ID: #VU91624

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47401

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_inst_slot() and __ipoctal_remove() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use-after-free

EUVDB-ID: #VU90142

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47402

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fl_walk() function in net/sched/cls_flower.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Memory leak

EUVDB-ID: #VU91623

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47403

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_port_activate() and ipoctal_cleanup() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU90298

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47404

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Memory leak

EUVDB-ID: #VU89966

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47405

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hid_ctrl() and usbhid_stop() functions in drivers/hid/usbhid/hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper error handling

EUVDB-ID: #VU90940

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47406

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ext4_ext_replay_shrink_inode(), skip_hole() and ext4_ext_replay_set_iblocks() functions in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU93054

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47407

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the kvm_arch_free_vm() and kvm_arch_init_vm() functions in arch/x86/kvm/x86.c, within the kvm_page_track_cleanup() function in arch/x86/kvm/mmu/page_track.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper locking

EUVDB-ID: #VU91511

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47408

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), get_next_corpse(), nf_ct_iterate_cleanup() and nf_conntrack_hash_resize() functions in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) NULL pointer dereference

EUVDB-ID: #VU92067

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47409

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Resource management error

EUVDB-ID: #VU93599

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47410

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the svm_migrate_init() function in drivers/gpu/drm/amd/amdkfd/kfd_migrate.c, within the kgd2kfd_device_exit() function in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper error handling

EUVDB-ID: #VU90941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47412

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the block/bio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU90504

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47413

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ci_hdrc_imx_probe() function in drivers/usb/chipidea/ci_hdrc_imx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Resource management error

EUVDB-ID: #VU93392

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47414

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ipi_remote_fence_i() function in arch/riscv/mm/cacheflush.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) NULL pointer dereference

EUVDB-ID: #VU91233

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47415

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __iwl_mvm_remove_time_event() function in drivers/net/wireless/intel/iwlwifi/mvm/time-event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Memory leak

EUVDB-ID: #VU89967

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47416

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Memory leak

EUVDB-ID: #VU89968

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47417

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the strset__free() function in tools/lib/bpf/strset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) NULL pointer dereference

EUVDB-ID: #VU90505

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47418

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fifo_set_limit() function in net/sched/sch_fifo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Resource management error

EUVDB-ID: #VU93280

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47419

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the taprio_destroy() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Memory leak

EUVDB-ID: #VU89969

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47420

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kfd_mem_dmaunmap_userptr() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Improper locking

EUVDB-ID: #VU90742

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47421

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the amdgpu_pci_error_detected() and amdgpu_pci_resume() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Memory leak

EUVDB-ID: #VU89970

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47422

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nv50_head_crc_late_register() function in drivers/gpu/drm/nouveau/dispnv50/crc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Memory leak

EUVDB-ID: #VU89971

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47423

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the drivers/gpu/drm/nouveau/nouveau_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Use of uninitialized resource

EUVDB-ID: #VU90976

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47424

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the i40e_clear_interrupt_scheme() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Information disclosure

EUVDB-ID: #VU91338

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47425

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the i2c_acpi_notify() function in drivers/i2c/i2c-core-acpi.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU89972

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47426

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the bpf_int_jit_compile() function in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Use-after-free

EUVDB-ID: #VU91057

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47427

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsi_eh_abort() function in drivers/scsi/libiscsi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Resource management error

EUVDB-ID: #VU93186

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47428

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the EXC_COMMON_BEGIN() function in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Resource management error

EUVDB-ID: #VU93187

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47429

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the die_mce() function in arch/powerpc/kernel/traps.c, within the EXC_COMMON_BEGIN() and END_FTR_SECTION_IFSET() functions in arch/powerpc/kernel/exceptions-64s.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Input validation error

EUVDB-ID: #VU90856

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47430

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the setup_smap() function in arch/x86/kernel/cpu/common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Information disclosure

EUVDB-ID: #VU91339

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47431

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the gmc_v9_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v9_0.c, within the gmc_v10_0_hw_fini() function in drivers/gpu/drm/amd/amdgpu/gmc_v10_0.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Resource management error

EUVDB-ID: #VU93292

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47433

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the btrfs_replace_file_extents() function in fs/btrfs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Buffer overflow

EUVDB-ID: #VU93139

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47434

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the xhci_handle_stopped_cmd_ring() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) NULL pointer dereference

EUVDB-ID: #VU90405

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47435

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the start_io_acct() and dec_pending() functions in drivers/md/dm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU90404

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47436

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dsps_probe() function in drivers/usb/musb/musb_dsps.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Improper locking

EUVDB-ID: #VU90739

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47437

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the adis16475_set_freq() function in drivers/iio/imu/adis16475.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Memory leak

EUVDB-ID: #VU89935

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47438

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) NULL pointer dereference

EUVDB-ID: #VU90533

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47439

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL() function in drivers/net/dsa/microchip/ksz_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) NULL pointer dereference

EUVDB-ID: #VU90408

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47440

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the encx24j600_spi_probe() function in drivers/net/ethernet/microchip/encx24j600.c, within the devm_regmap_init_encx24j600() function in drivers/net/ethernet/microchip/encx24j600-regmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Out-of-bounds read

EUVDB-ID: #VU90277

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47441

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the MLXSW_THERMAL_TEMP_SCORE_MAX GENMASK(), mlxsw_thermal_set_cur_state() and mlxsw_thermal_init() functions in drivers/net/ethernet/mellanox/mlxsw/core_thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Memory leak

EUVDB-ID: #VU89936

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47442

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_in_send_sdd_req() function in net/nfc/digital_technology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Memory leak

EUVDB-ID: #VU89937

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47443

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_tg_configure_hw() and digital_tg_listen_mdaa() functions in net/nfc/digital_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Buffer overflow

EUVDB-ID: #VU93140

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47444

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the connector_bad_edid() function in drivers/gpu/drm/drm_edid.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) NULL pointer dereference

EUVDB-ID: #VU90407

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47445

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the msm_edp_ctrl_power() and msm_edp_ctrl_init() functions in drivers/gpu/drm/msm/edp/edp_ctrl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Improper error handling

EUVDB-ID: #VU90932

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47446

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the a4xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a4xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Improper error handling

EUVDB-ID: #VU90931

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47447

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the a3xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a3xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Infinite loop

EUVDB-ID: #VU91409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47448

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the mptcp_check_data_fin(), mptcp_data_ready(), mptcp_check_for_eof(), mptcp_wait_data(), mptcp_recvmsg(), tcp_recv_timestamp(), mptcp_check_fastclose(), mptcp_check_readable() and mptcp_poll() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Improper locking

EUVDB-ID: #VU90738

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47449

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_ptp_flush_tx_tracker() function in drivers/net/ethernet/intel/ice/ice_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Incorrect calculation

EUVDB-ID: #VU93753

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47450

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the hyp_get_page() function in arch/arm64/kvm/hyp/nvhe/page_alloc.c, within the host_s2_zalloc_pages_exact() function in arch/arm64/kvm/hyp/nvhe/mem_protect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Improper locking

EUVDB-ID: #VU92011

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47451

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the idletimer_tg_create() function in net/netfilter/xt_IDLETIMER.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Improper resource shutdown or release

EUVDB-ID: #VU93745

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47452

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the nft_netdev_event() and nf_tables_netdev_event() functions in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Memory leak

EUVDB-ID: #VU89938

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47453

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ice_probe() and ice_remove() functions in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Improper locking

EUVDB-ID: #VU92013

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47454

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __cpu_die() function in arch/powerpc/kernel/smp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) Memory leak

EUVDB-ID: #VU89939

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47455

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ptp_clock_register() function in drivers/ptp/ptp_clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Use-after-free

EUVDB-ID: #VU90060

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47456

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the peak_pci_remove() function in drivers/net/can/sja1000/peak_pci.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

101) Resource management error

EUVDB-ID: #VU93183

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47457

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the isotp_sendmsg() function in net/can/isotp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Buffer overflow

EUVDB-ID: #VU91306

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47458

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the ocfs2_initialize_super() function in fs/ocfs2/super.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Use-after-free

EUVDB-ID: #VU90061

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47459

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the j1939_netdev_start() function in net/can/j1939/main.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Buffer overflow

EUVDB-ID: #VU93141

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47460

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ocfs2_set_inode_data_inline() and ocfs2_convert_inline_data_to_extents() functions in fs/ocfs2/alloc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Race condition

EUVDB-ID: #VU93603

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47461

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the userfaultfd_writeprotect() function in fs/userfaultfd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) Use of uninitialized resource

EUVDB-ID: #VU90866

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47462

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the do_set_mempolicy() and sanitize_mpol_flags() functions in mm/mempolicy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) NULL pointer dereference

EUVDB-ID: #VU90406

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47463

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) NULL pointer dereference

EUVDB-ID: #VU90837

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47464

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the audit_filter_rules() function in kernel/auditsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Stack-based buffer overflow

EUVDB-ID: #VU91296

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47465

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack overflow within the _GLOBAL() and REST_NVGPRS() functions in arch/powerpc/kvm/book3s_hv_rmhandlers.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Memory leak

EUVDB-ID: #VU91619

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47466

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmem_cache_open() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Information disclosure

EUVDB-ID: #VU91331

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47467

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the kfree_at_end() function in lib/kunit/executor_test.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Improper locking

EUVDB-ID: #VU92012

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47468

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nj_release() function in drivers/isdn/hardware/mISDN/netjet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Improper locking

EUVDB-ID: #VU90737

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47469

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the LIST_HEAD(), spi_add_device(), spi_add_device_locked(), spi_register_controller() and spi_unregister_controller() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Use-after-free

EUVDB-ID: #VU90062

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47470

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __kmem_cache_create() function in mm/slub.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) NULL pointer dereference

EUVDB-ID: #VU90409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47471

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mxsfb_irq_disable() function in drivers/gpu/drm/mxsfb/mxsfb_drv.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Memory leak

EUVDB-ID: #VU89940

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47472

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __mdiobus_register() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Memory leak

EUVDB-ID: #VU89941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47473

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak in drivers/scsi/qla2xxx/qla_bsg.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Buffer overflow

EUVDB-ID: #VU91304

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47474

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the vmk80xx_do_bulk_msg() function in drivers/staging/comedi/drivers/vmk80xx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) NULL pointer dereference

EUVDB-ID: #VU90836

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47475

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the IC3_VERSION BIT() and vmk80xx_alloc_usb_buffers() functions in drivers/staging/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Input validation error

EUVDB-ID: #VU90851

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47476

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sizeof() and ni6501_find_endpoints() functions in drivers/staging/comedi/drivers/ni_usb6501.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Information disclosure

EUVDB-ID: #VU91330

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47477

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the dt9812_read_info(), dt9812_read_multiple_registers(), dt9812_write_multiple_registers() and dt9812_rmw_multiple_registers() functions in drivers/staging/comedi/drivers/dt9812.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Out-of-bounds read

EUVDB-ID: #VU91081

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47478

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the isofs_read_inode() function in fs/isofs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Use-after-free

EUVDB-ID: #VU90059

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47479

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the r871xu_dev_remove() function in drivers/staging/rtl8712/usb_intf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Resource management error

EUVDB-ID: #VU93589

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47480

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the scsi_device_dev_release_usercontext() function in drivers/scsi/scsi_sysfs.c, within the EXPORT_SYMBOL() function in drivers/scsi/scsi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Improper Initialization

EUVDB-ID: #VU91549

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47481

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the reg_create() and create_user_odp_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Improper error handling

EUVDB-ID: #VU90930

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47482

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the batadv_tt_init() function in net/batman-adv/translation-table.c, within the batadv_nc_mesh_init() function in net/batman-adv/network-coding.c, within the batadv_mesh_init() function in net/batman-adv/main.c, within the batadv_bla_init() function in net/batman-adv/bridge_loop_avoidance.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Double free

EUVDB-ID: #VU90920

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47483

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the regcache_rbtree_insert_to_block() function in drivers/base/regmap/regcache-rbtree.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) NULL pointer dereference

EUVDB-ID: #VU90403

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47484

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nix_free_tx_vtag_entries() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c, within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Buffer overflow

EUVDB-ID: #VU91305

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47485

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the qib_user_sdma_num_pages(), qib_user_sdma_free_pkt_frag(), qib_user_sdma_pin_pkt() and qib_user_sdma_queue_pkts() functions in drivers/infiniband/hw/qib/qib_user_sdma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) NULL pointer dereference

EUVDB-ID: #VU91225

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47486

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bpf_int_jit_compile() function in arch/riscv/net/bpf_jit_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Memory leak

EUVDB-ID: #VU89934

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47488

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the cgroup_kill_sb() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) Out-of-bounds read

EUVDB-ID: #VU91082

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47489

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dp_phy_settings_write(), dp_phy_test_pattern_debugfs_write(), dp_dsc_passthrough_set(), trigger_hotplug(), dp_dsc_clock_en_write(), dp_dsc_slice_width_write(), dp_dsc_slice_height_write(), dp_dsc_bits_per_pixel_write() and dp_max_bpc_write() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Memory leak

EUVDB-ID: #VU90441

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47490

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ttm_transfered_destroy() function in drivers/gpu/drm/ttm/ttm_bo_util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) Improper privilege management

EUVDB-ID: #VU93735

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47491

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the hugepage_vma_check() function in mm/khugepaged.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Improper error handling

EUVDB-ID: #VU92941

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47492

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the collapse_file() function in mm/khugepaged.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Race condition

EUVDB-ID: #VU91465

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47493

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the ocfs2_test_bg_bit_allocatable() function in fs/ocfs2/suballoc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Improper locking

EUVDB-ID: #VU91442

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47494

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cfg80211_mgmt_registrations_update(), cfg80211_mlme_register_mgmt(), cfg80211_mlme_unregister_socket() and cfg80211_rx_mgmt_khz() functions in net/wireless/mlme.c, within the INIT_WORK() and cfg80211_init_wdev() functions in net/wireless/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Input validation error

EUVDB-ID: #VU90852

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47495

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) Buffer overflow

EUVDB-ID: #VU91197

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47496

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the tls_err_abort(), tls_tx_records(), tls_push_record(), tls_sw_recvmsg() and tls_sw_splice_read() functions in net/tls/tls_sw.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Out-of-bounds read

EUVDB-ID: #VU90276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47497

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nvmem_shift_read_buffer_in_place() function in drivers/nvmem/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Resource management error

EUVDB-ID: #VU92964

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47498

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the dm_mq_queue_rq() function in drivers/md/dm-rq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Memory leak

EUVDB-ID: #VU89922

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47499

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kxcjk1013_probe() and kxcjk1013_remove() functions in drivers/iio/accel/kxcjk-1013.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Use-after-free

EUVDB-ID: #VU90050

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47500

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mma8452_trigger_setup() function in drivers/iio/accel/mma8452.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) NULL pointer dereference

EUVDB-ID: #VU90392

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47501

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_dbg_dump_desc() function in drivers/net/ethernet/intel/i40e/i40e_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Buffer overflow

EUVDB-ID: #VU93137

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47502

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the slim_rx_mux_get(), slim_rx_mux_put() and slim_tx_mixer_put() functions in sound/soc/codecs/wcd934x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) NULL pointer dereference

EUVDB-ID: #VU90388

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47503

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pm8001_alloc() function in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) Use-after-free

EUVDB-ID: #VU90051

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47505

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the POLLFREE() function in include/uapi/asm-generic/poll.h, within the aio_poll(), aio_poll_complete_work(), aio_poll_cancel(), aio_poll_wake() and aio_poll_queue_proc() functions in fs/aio.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Use-after-free

EUVDB-ID: #VU90052

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47506

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hash_delegation_locked(), unhash_delegation_locked() and nfsd4_cb_recall_prepare() functions in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) NULL pointer dereference

EUVDB-ID: #VU90389

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47507

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_nfsd(), nfsd4_exit_pnfs() and exit_nfsd() functions in fs/nfsd/nfsctl.c, within the register_cld_notifier() function in fs/nfsd/nfs4recover.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Buffer overflow

EUVDB-ID: #VU93398

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47509

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the snd_pcm_oss_set_fragment1() function in sound/core/oss/pcm_oss.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) Resource management error

EUVDB-ID: #VU93597

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47510

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the walk_up_log_tree(), walk_log_tree() and free_log_tree() functions in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) Buffer overflow

EUVDB-ID: #VU92005

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47511

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the snd_pcm_hw_param_value_min() and snd_pcm_oss_period_size() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Memory leak

EUVDB-ID: #VU89923

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47513

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the felix_setup_mmio_filtering() function in drivers/net/dsa/ocelot/felix.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Information disclosure

EUVDB-ID: #VU91329

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47514

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the devlink_nl_cmd_reload() function in net/core/devlink.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Memory leak

EUVDB-ID: #VU89924

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47516

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nfp_cpp_area_cache_add() function in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) NULL pointer dereference

EUVDB-ID: #VU90531

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47518

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nfc_genl_dump_ses_done() function in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Use-after-free

EUVDB-ID: #VU91053

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47520

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pch_can_rx_normal() function in drivers/net/can/pch_can.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Use-after-free

EUVDB-ID: #VU91052

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47521

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ems_pcmcia_add_card() function in drivers/net/can/sja1000/ems_pcmcia.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) NULL pointer dereference

EUVDB-ID: #VU90390

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47522

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the bigben_worker() function in drivers/hid/hid-bigbenff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Information disclosure

EUVDB-ID: #VU91327

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47523

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the hfi1_init(), hfi1_free_devdata(), hfi1_alloc_devdata() and cleanup_device_data() functions in drivers/infiniband/hw/hfi1/init.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Information disclosure

EUVDB-ID: #VU91326

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47524

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Use-after-free

EUVDB-ID: #VU90054

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47525

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the liteuart_remove() function in drivers/tty/serial/liteuart.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) NULL pointer dereference

EUVDB-ID: #VU90393

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47526

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the liteuart_probe() function in drivers/tty/serial/liteuart.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) Memory leak

EUVDB-ID: #VU90437

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47527

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the uart_tty_port_shutdown() function in drivers/tty/serial/serial_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) NULL pointer dereference

EUVDB-ID: #VU90394

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47528

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cdnsp_endpoint_init() function in drivers/usb/cdns3/cdnsp-mem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) Memory leak

EUVDB-ID: #VU89926

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47529

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the iwl_uefi_reduce_power_section() function in drivers/net/wireless/intel/iwlwifi/fw/uefi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-livepatch: before 5.14.21-150400.24.122.2

kernel-default-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build-debugsource: before 5.14.21-150400.24.122.2

kernel-default-extra: before 5.14.21-150400.24.122.2

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-livepatch-devel: before 5.14.21-150400.24.122.2

gfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-devel: before 5.14.21-150400.24.122.2

kernel-default-optional-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-debugsource: before 5.14.21-150400.24.122.2

cluster-md-kmp-default: before 5.14.21-150400.24.122.2

kernel-obs-qa: before 5.14.21-150400.24.122.1

kernel-default-optional: before 5.14.21-150400.24.122.2

dlm-kmp-default: before 5.14.21-150400.24.122.2

kernel-syms: before 5.14.21-150400.24.122.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.122.2

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.122.2

kernel-obs-build: before 5.14.21-150400.24.122.2

reiserfs-kmp-default: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.122.2

kernel-default-base-rebuild: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-default-base: before 5.14.21-150400.24.122.2.150400.24.58.2

kernel-kvmsmall-devel: before 5.14.21-150400.24.122.2

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.122.2

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-devel: before 5.14.21-150400.24.122.2

kernel-debug-debugsource: before 5.14.21-150400.24.122.2

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.122.2

kernel-debug-livepatch-devel: before 5.14.21-150400.24.122.2

kernel-debug: before 5.14.21-150400.24.122.2

kernel-macros: before 5.14.21-150400.24.122.1

kernel-source: before 5.14.21-150400.24.122.1

kernel-source-vanilla: before 5.14.21-150400.24.122.1

kernel-docs-html: before 5.14.21-150400.24.122.2

kernel-devel: before 5.14.21-150400.24.122.1

kernel-docs: before 5.14.21-150400.24.122.2

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20242189-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) NULL pointer dereference

EUVDB-ID: #VU93049

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47533

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

kernel-64kb: before 5.14.21-150400.24.122.2

dtb-marvell: before 5.14.21-150400.24.122.1

kernel-64kb-debugsource: before 5.14.21-150400.24.122.2

dtb-renesas: before 5.14.21-150400.24.122.1

dtb-lg: before 5.14.21-150400.24.122.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-arm: before 5.14.21-150400.24.122.1

dlm-kmp-64kb: before 5.14.21-150400.24.122.2

dtb-apm: before 5.14.21-150400.24.122.1

dtb-amlogic: before 5.14.21-150400.24.122.1

dtb-mediatek: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

reiserfs-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.122.2

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

dtb-amd: before 5.14.21-150400.24.122.1

dtb-xilinx: before 5.14.21-150400.24.122.1

dtb-altera: before 5.14.21-150400.24.122.1

dtb-cavium: before 5.14.21-150400.24.122.1

dtb-freescale: before 5.14.21-150400.24.122.1

dtb-broadcom: before 5.14.21-150400.24.122.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.122.2

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional: before 5.14.21-150400.24.122.2

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-extra: before 5.14.21-150400.24.122.2

dtb-amazon: before 5.14.21-150400.24.122.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.122.2

dtb-exynos: before 5.14.21-150400.24.122.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.122.2

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.122.2

dtb-nvidia: before 5.14.21-150400.24.122.1

kselftests-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.122.2

dtb-sprd: before 5.14.21-150400.24.122.1

dtb-apple: before 5.14.21-150400.24.122.1

dtb-qcom: before 5.14.21-150400.24.122.1

dtb-hisilicon: before 5.14.21-150400.24.122.1

dtb-rockchip: before 5.14.21-150400.24.122.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.122.2

gfs2-kmp-64kb: before 5.14.21-150400.24.122.2

kernel-64kb-devel: before 5.14.21-150400.24.122.2

dtb-allwinner: before 5.14.21-150400.24.122.1

dtb-socionext: before 5.14.21-150400.24.122.1

dtb-aarch64: before 5.14.21-150400.24.122.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.122.2

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.122.2

kernel-zfcpdump: before 5.14.21-150400.24.122.2

kernel-livepatch-SLE15-SP4_Update_27-debugsource: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default-debuginfo: before 1-150400.9.3.2

kernel-livepatch-5_14_21-150400_24_122-default: before 1-150400.9.3.2

kernel-kvmsmall: before 5.14.21-150400.24.122.2

kernel-default: before 5.14.21-150400.24.122.2

ocfs2-kmp-default: before 5.14.21-150400.24.122.2

kernel-default-extra-debuginfo: before 5.14.21-150400.24.122.2